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Rant Away 

Oh | do love a rant! So, Nicholas, feel free to rant— 
especially when the rant is as relevant as that in the 
February 2006 issue of LJ. Indeed, let’s stop skim- 
ming the scum from Redmond's ponds. We need to 
stop treating MS products as the de facto “gold 
standard”. Of course, this means giving up the unre- 
alistic attempt to make Linux a drop-in replacement 
for Windows XP, and instead letting Linux stand on 
its own merits—merits in terms of functionality, initial 
cost, TCO (as if anyone had any real idea), communi- 
ty, potential for learning and liberty. 

You might be interested in the longer, gentler 
rant by Dominic Humphries “Linux is not Windows”, 
at linux.oneandoneis2.org/LNW.htm, which 
| give to my students. 

Keep ranting! I'd hate to be the only one doing it. 


Gordon Findlay 


No Ho-Hums 

I'm a longtime subscriber to L/. | really look forward 
to every issue, you all do a great job. So, when | read 
“Nick Gets His Wish” [February 2006], | thought, 
“okay another ‘ho-hum’ editor that isn’t going to 
make waves, especially on the first issue”. Oh was | 
in for a surprise on the last page! You really tell it 
like it is man! Good job. | like you already. 


Rick Bronson 


Your Fine Rant Needs to Cover 
Even More 
There is no reliable, usable way to develop custom 
small- to medium-sized business applications to run 
under Linux. Many small- to medium-sized business- 
es that | develop for would have gladly switched to 
Linux, until | tell them that they will have to continue 
running their custom software under a Windows 
emulator, because there is simply no other feasible 
way to do it. Then it's, “Why switch to Linux then?” 
/end/rant, good luck! 


Terry 


According to Evans Data, the vast majority of 
developers who use Linux as their primary 
platform for creating small- to medium-business 
solutions switched to Linux from Windows. They 
are creating native Linux applications with Eclipse 
and/or KDevelop and a wide variety of languages 
and toolkits. There is no need for Windows 
emulation.—Ed. 


Skim Cream Not Scum— 
OpenOffice.org 2.01 
After reading your article about moles in the Open 
Source community [February 2006], | tried to install 
OpenOffice.org 2.01 on Windows 98 SE and discov- 
ered that it would not load due to the unpacking 
and loading changes that have been made in XP. | 
guess OOo 2.01 has an XP loader. So, if you have 
been using OpenOffice.org on Win 98 SE and try to 
go to OOo 2.01, you will find that you need XP to 
unpack OOo 2.01. 

| thought you would like to know that your 
“mole” theory is not too far off. 


John Farrow 


This Is Gonna Be Fun 

This [past] month's table of contents [February 2006], 
not much: MSP 430? Qtopia? Embedded DB40? 
Augmenting Moore's Law? Case Studies? Nope. The 
only things of real interest are the Single Sign-On 
article and the opportunity to drool over the Nokia 
770. Next month's Security issue [March 2006] looks 
interesting, though. 

And then | get to /etc/rant. All right. Finally, some- 
one with the guts to say out loud that this slavish 
emulation of Windows sucks. That flat file text config 
files with tons of comments beat the living crap outta 
the registry. That we don't need a clone of Dot-Net. 
That OSS has been so busy making sure that we can 
do everything that the proprietary systems can do that 
we haven't done anything truly creative in years. 

Petreley’s EIC of LJ. Oh, yeah. This is gonna be fun. 

But, according to the LSB, you should have put it 
under /var. 


Jeff Simmons 


Test This! 
In the January 2006 LJ Work The Shell column, Mr 
Taylor states that “using the [ symbol ensures you'll use 
the built-in version [of test] if available, but explicitly 
calling test means that you'll likely not have that per- 
formance enhancement when running your scripts.” 
This is totally incorrect. In the AT&T UNIX world, 
test and [ were both built in to the shell starting with 
System Ill (circa 1980), and have been ever since. A 
shell script will never run /bin/test if called as plain 
test, since built-in commands are always found 
before external commands. Please pass this clarifica- 
tion on to your readers. 


Arnold Robbins 
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Superb Opening Volley 
THANK YOU. THANK YOU. THANK YOU for point- 
ing out the absurdity of some the “goings on” in 
the Linux community of late (re: your /etc/rant on 
Skim Cream not Scum in the February 2006 LJ). 
We love Linux, Linux Journal and all things 
open source. Our CTO and | (both former 
research Physicists) have watched in amazement 
as the gatekeepers of things “open source” con- 
inue to misplace their angst and focus—with 
he Sun/Java hangup being front and center. 

The only people on planet Earth who have not 
ealized that Java is open source is a small group of 
C-exec’s at Sun and those Microsoft sycophants in 
he Linux community you so eloquently point out. 

Sure Sun continues to have a hand in the 
direction of Java—as does Torvalds on the direc- 
ion of Linux. However, neither Sun nor Torvalds 
can just do whatever they want—their genies 
got out of the bottle long ago.... 


Jean 


Rants, Maturity and 

Linux Journal 

One of the things I've always liked about Linux 
Journal is the mature, experienced viewpoints. 
After reading Mr Petreley’s rant, I'm wondering i 
that’s going to come to an end very soon. The 
whole fanatical anti-Microsoft thing is better 
suited for the “insightful” Slashdot crowd; the 
real beauty of Linux and open source isn’t anti- 
anything. It's about positive and creative effort, 
solving problems and providing choice. 


= 


Eater 


Funny you should mention that open source is 
about choice.—Ed. 


Registry Data Is Still Data 

| just finished reading your /etc/rant column in the 
February 2006 issue of Linux Journal. Although not 
generally a Microsoft apologist, there are some 
things | feel compelled to point out to you. The 
philosophy behind the Windows registry is not uni- 
versally wrong. Whether it is a single binary 
database or a massive XML file is really irrelevant. 


Tim 


XML was a fad choice and unnecessarily obfus- 
cates the information. But the biggest problem | 
have with the Linux registry is how the data is 
managed by various dzemons.—Ed. 
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Rant #1 

Welcome to Linux Journal. |'ve subscribed for 
about eight years now and have seen several 
editors and other staff migrate through. | hope 
your tenure is fulfilling and mutually beneficial 
(that is, you and the magazine). 

When | read your end-of-issue rant, “Skim 
Cream not Scum”, | could really relate to it. And, 
| share your disgust with those that try to emu- 
late Microsoft rather than offer better things. 

| use OOo 2.0 only because 1) it converts 
all my old WP files going back more than a 
decade, and 2) it can save in the new 
OpenDocument Format. However, | have also 
come to like LaTeX (and even came to love 
LyX for its productivity over writing in Emacs), 
and that's what | use for articles, reports and 
my book. | use OOo only to view Word docs 
sent to me by those still stuck in the 
Microsoft world (which includes virtually all 
my clients, agency staff, association staff and 
relatives) and to send them digital copies of 
documents they need to read in Word. 

Keep ranting about the Emperor not 
wearing any clothes. Perhaps folks might 
catch a clue eventually. 


Rich 


Linux at Home—You 
Conned Me 

When | passed the magazine stand at Fry’s a few 
days ago and saw your January 2006 issue, with 
“Home Projects”, “Linux Phone Home” and 
especially “At Home with Linux” on the cover, | 
bought it. | think you conned me. But, hey, it 
was only five bucks. 

What | would like to see is a magazine that 
tells me how to set up my computer so | can do 
word processing, data bases and spreadsheets 
easily. Using Linux. Your magazine does not do 
that. Not in any part of it. 


William F. Steagall, Sr. 


We have a sister magazine that addresses 
exactly the sort of thing you describe. It's 
called TUX (www.tuxmagazine.com). /t 
is available in PDF format.—Ed. 


JOURNAL 


At Your Service 


MAGAZINE 


PRINT SUBSCRIPTIONS: Renewing your 
subscription, changing your address, paying your 
invoice, viewing your account details or other 
subscription inquiries can instantly be done on-line, 
www.linuxjournal.com/subs. Alternatively, 
within the U.S. and Canada, you may call 

us toll-free 1-888-66-LINUX (54689), or 
internationally +1-713-589-2677. E-mail us at 
subs@linuxjournal.com or reach us via postal mail, 
Linux Journal, PO Box 3587, Houston, TX 77253- 
3587 USA. Please remember to include your 
complete name and address when contacting us. 


DIGITAL SUBSCRIPTIONS: Digital subscriptions 
of Linux Journal are now available and delivered as 
PDFs anywhere in the world for one low cost. 
Visit www.linuxjournal.com/digital for more 
information or use the contact information above 
for any digital magazine customer service inquiries. 


LETTERS TO THE EDITOR: We welcome 

your letters and encourage you to submit them 
to ljeditor@ssc.com or mail them to SSC Editorial, 
1752 NW Market Street, #200, Seattle, WA 98107 
USA. Letters may be edited for space and clarity. 


WRITING FOR US: We always are looking 
for contributed articles, tutorials and real- 
world stories for the magazine. An author's 
guide, a list of topics and due dates can be 
found on-line, www.linuxjournal.com/author. 


ADVERTISING: Linux Journal is a great 
resource for readers and advertisers alike. 
Request a media kit, view our current 

editorial calendar and advertising due 

dates, or learn more about other advertising 
and marketing opportunities by visiting us 
on-line, www.linuxjournal.com/advertising. 
Contact us directly for further information, 
ads@linuxjournal.com or +1 206-782-7733 ext. 2. 


ON-LINE 


WEB SITE: Read exclusive on-line-only content on 
Linux Journal's Web site, www.linuxjournal.com. 
Also, select articles from the print magazine 

are available on-line. Magazine subscribers, 
digital or print, receive full access to issue 
archives; please contact Customer Service for 
further information, subs@linuxjournal.com. 


FREE e-NEWSLETTERS: Each week, Linux 
Journal editors will tell you what's hot in the world 
of Linux. Receive late-breaking news, technical tips 
and tricks, and links to in-depth stories featured 
on www.linuxjournal.com. Subscribe for free 
today, www.linuxjournal.com/enewsletters. 
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\UX SuperServer 6014P-32R 


SAS Server 


Dual-core Xeon 


Dual Intel” Dual-core 64-bit Xeon” processors support 
SUPER®* X6DHP-3G2 Serverboard 

Intel® E7520 chipset/B00MHz 

Up to 16GB ECC Reg. DDRII 400 SDRAM 

1 Universal PCI-X 133MHz (full-length)/ 

1 PCI-Express x8 

1 Universal PCI-X 133MHz (low-profile)/ 

1 PCI-Express x8 

Dual Gigabit LAN ports 

Adaptec®9410W controller for 8 SAS/SATA drives 
AOC-LPZCR1 Zero-Channel RAID support 

4x 1" hot-swap SAS/SATA drive bays w/SES-II 

1 slim floppy & 1 slim DVD-ROM drive 

600W cold-swap power supply w/|2C 

5x 4cm heavy duty fans w/optimal fan speed control 
System management: Supere® Doctor III & IPMI 2.0 
* RAID O, 1, 5, 10 support 


Arrow Electronics 
1-888-427-2250 
Wwww.arrownacp.com 


AMAX Corp. 
1-800-800-6328 
www.amax.com 
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perServer 6024H-32R 


v Dual Intel” Dual-core 64 bit Xeon” processors support 

v SUPER®® X6DH3-G2 Serverboard 

¥ Intel® E7520 chipset/800MHz 

VY Up to 16GB ECC Reg. DDRII 400 SDRAM 

Y 1/2 64-bit PCI-X 133/100MHz (full-size) 

Y Dual Gigabit LAN ports 

Y Adaptec 9410W controller for 8 SAS/SATA drives 

VY 6x 1" hot-swap SAS/SATA drive bays 

Vv 1x 5.25" drive bay, 1 floppy drive & 1 slim CD-ROM 

v 500W redundant power supply w/l2C 

v 4x 8cm heavy duty fans w/optimal fan speed contro | 
& air shroud 

v System management: Supere Doctor III & IPMI 2.0 


ASI 
1-800-2000-ASI 
www.asipartner.com 


Bell Micro. 
1-800-232-9920 
www.bellmicro.com 


Ingram Micro 
1-800-456-8000 
www.ingrammicro.com 
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erServer 7044H-32R 
Dual Intel” Dual-core 64 bit Xeon” processors support 
SUPER®® X6DH3-G2 Serverboard 

Intels E7520 chipset/800MHz 

Up to 16GB ECC Reg. DDRII 400 SDRAM 

2 PCI Express x8 

1/2 64-bit PCI-X 133/100MHz & 1 PCI 

Dual Gigabit LAN ports 

Adaptec” 9410W controller for 8 SAS/SATA drives 
AOC-LPZCR1 (Zero-Channel RAID) support 

8 x 1" hot-swap SAS/SATA drive bays 

90° rotatable module: 2 USB ports, FDD, 2 x 5.25" drive bays 
760W triple-redundant power supply w/l2C 

100% cooling redundancy**: 4 x 8cm, 2 x 8cm fans 
w/optimal fan speed control & air shroud 

System management: Supere®Doctor II| & IPMI 2.0 


** System remains at 100% performance even if a key fan fails. 


MA LABS 
1-408-941-0808 
www.malabs.com 


Tech Data 
1-800-237-8931 
www.techdata.com 


Synnex Inc. 
1-800-756-5974 
www.synnex.com 


IN KERNEL 
DEVELOPMENT releases as its base, and incor- 


° John W. Linville has 
diff = U announced a new git reposito- 
P ry for his fork of the Fedora 
WHAT'S NEW Core kernels. This repository 


will take the Fedora kernel 


porate networking patches 
from the official kernels on kernel.org. His 
goals are to allow Fedora users to access 
bleeding-edge patches they otherwise 
would have to wait for and to convert the 
Fedora user community into a testing 
resource for the kernel (specifically network- 
ing) developers. 

Eric Dean Moore has assumed main- 
tainership of the previously unlisted LSI 
Logic MPT Fusion SCSI Drivers. These 
drivers were split recently from a single driv- 
er supporting SCSI and Fibre Channel to 
multiple drivers each supporting a single 
interface. The irony of this is that although 
the developers themselves chose to split the 
driver this way, the MPT Fusion’s main claim 
to fame is that it provides a single interface 
to both SCSI and Fibre Channel hardware. 

Alessandro Di Marco has begun work 
on Sluggard, a filesystem intended to make 
kernel downloads less painful. As the kernel 
sources continue to grow, it takes longer to 
download. Sluggard addresses this by 
putting rsync at its back end. Users read files 
on the filesystem with their favorite tools, 
and Sluggard transparently fetches any 
changed files just prior to access. In this 
way, files that aren't needed are never 
downloaded. This has saved Alessandro 
more than 200MB of disk space, and he 
says the potential exists to save even more, 
depending on what kernel features one 
needs to compile. 

Andrey Volkov has coded up support 
for the ST M41T85 real-time clock chip, 
basing his work on Mark A. Greer's ST 
M41T00 driver. In fact, there is some talk 
of merging Andrey’s work into Mark’s origi- 
nal driver. However, due to many small dif- 
ferences in the hardware, it’s not clear what 
the best approach would be to avoid too 
many #if statements. It may turn out that 
merging the two would create more com- 
plexity than a unified driver would be worth. 
But, both Andrey and Mark have indicated 
that they'd be happy to do a merge if it 
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seemed like the right way to go. 

Since Sun released its ZFS filesystem 
source code, Tarkan Erimer recently asked 
if this meant it might be ported to Linux at 
some point in the future. However, this 
doesn’t seem likely, because Sun used the 
CDDL license, which allows linking to other 
code released under nonfree licenses, thus 
making it incompatible with the GPL. Unless 
Sun decides to dual-license ZFS under CDDL 
and the GPL, there is no way a direct port of 
ZFS to Linux could be legally included in the 
official tree. It is still possible that someone 
will do a clean-room reimplementation of 
ZFS, without looking at any of Sun’s sources. 
If Linus Torvalds’ stance on CVS was 
not clear before, it is now. When it was sug- 
gested that the kernel include documenta- 
tion about existing CVS-based kernel reposi- 
tories, Linus said, “I'd argue against it. CVS 
is a piece of crap, and anybody who main- 
tains stuff in CVS just makes it harder to ever 
merge back. That's not just a theory—we’'ve 
had that situation happen in real life over the 
years, which is why | definitely don't want to 
see any external CVS trees given any kind of 
recognition at all.” There you have it. 

One of the strengths of the Linux devel- 
opment philosophy is that it won't blindly 
adhere to standards just because those stan- 
dards exist. The standards have to make 
sense as well, and in the case where a good 
standard has not been followed for some 
reason, it has to make practical sense to 
change into conformance with it. This came 
up recently when Matthew Wilcox tried to 
fix the NO_IRQ definition to bring it into 
conformance with the PCI standard. Linus 
pointed out that the standard had been 
ignored by hardware makers for years, and 
that changing the NO_IRQ definition would 
break a lot of existing drivers. In fact, the 
Linux kernel would be clearer and simpler if 
some change were made to at least bring the 
various kernel architectures into conformance 
with each other; and if all drivers could be 
fixed to reflect this change, it would be the 
right thing to do. However, Linus rejected 
that proposal, affirming that the existing 
design was a mistake, but saying that the fix 
would break too much outside code. 


—Zack Brown 


Need some advice on figuring out 
the best way to get the most out 
of OpenOffice.org? Now that the 
2.0 versions are available, more and 
more people are using this free 
office suite. You can find your way 
around OOo well enough if you're 
moving from another suite, but 
you'll definitely be more productive 
with some OOo know-how under 
your belt. That's where U.com 
columnist Bruce Byfield comes in, 
with his bi-monthly series OOo Off 
the Wall. Recent topics include: 


™@ Find and Replace 
(www.linuxjournal.com/ 
article/8791): how to search 
for and replace text and strings. 


Master Documents 
(www.linuxjournal.com/ 
article/8735): how to 
create and manage large 
documents comprised of 
smaller OOo files. 


Domesticating AutoCorrect 
(www.linuxjournal.com/ 


article/8688): how to set up 
the AutoCorrect feature so it 
doesn’t drive you crazy—and 
how to turn it off altogether. 


And, for an overview of 
“What New Users Need to 
Know about OpenOffice.org” 
(www.linuxjournal.com/ 
article/8443), Bruce offers advice 
on on-line help, interface workings, 
templates and other OOo particu- 
lars. In coming months, Bruce will 
be moving on to Calc, OOo's 
spreadsheet program. 

Regular contributor Colin 
McGregor is working on a new 
how-to article for LJ.com read- 
ers about the Linux Infrared 
Remote Control (LIRC) Project 
(www.linuxjournal.com/ 
article/8811). He'll explain what it 
is, what hardware/software is need- 
ed and how to set up the software. 
For those of you feeling more 
adventuresome, Colin also will 
share some thoughts on building 
your own infrared hardware. 


1 ) ss ~~ alte cr 
...where Linux & laptops conver rge 
‘Visit us a at the LinuxWorld expo in | Boston from Apri 6, 2006 in b booth 1312. 


You choose your laptop from a wide selection of top tier laptops manufactured by 
Dell, IBM, Lenovo, Sharp, and Sony. You choose your distribution from among the 
most popular Linux distributions. We'll install your distribution; add our custom 
kernel; then configure your laptop for full hardware support, including: X at the 
nalive resolulion, wireless, power management, 3-D graphics, optical drives... 


The Toucan: 5 lb Linux The Rhino: 7 |b Linux 


* ThinkPad T series by Lenovo * Dell Latitude D810/M70 

© 14.1" SXGA+/15.0" UXGA © 15.4" WUXGA screen 

* X@1400x1050/1600x1 700 *X@1970x1700 

© All FireGL graphics * NVidia Quadro or ATI Radeon 
* 1,6-2.26 GHz Pentium-M 7xx 2 ® 1.73-2.26 GHz Pentium-M 7xx 
* 40-100 GB hard drive * 40-100 GB HD (7200 rpm) 

¢ 512-2048 MB RAM ¢ 512-2048 MB RAM : 

© CDRW/DVD or DVD-RW © CDRW/DVD or DVD+RW 

* ACPI suspend/hibernate * 802.11a/b/g wireless, GigE 

e Ask about dual core laptops e Ask about our Sony laptops 


Let EmperorLinux do the rest. Since 1999, EmperorLinux has provided pre- 
pod grr neary reg installed Linux laptops to universities, corporations, and Linux enthusiasts. We 


Subject; Cunfiguration of 


Just bought & new y| specialize in the configuration of Linux on thgsfinest laptop and notebooks. We 


te learn how to contt 
ay FU and ay lapioo 


ttraneeagrtats offer a range of the latest Linux distributig dual boot options. All systems 
ceded eee May come with one year of Linux technical s ull manufacturers’ warranty. 


oducing 


Linux Tablet Features 


© Pen/stylus input to screen in X 

® Handwrite commands to screen focus 
* Handwrite notes and convert to text 

* Pressure sensitive stylus in GIMP 

* Rotate screen orientation 


Linux Laptop Features 
© ThinkPad X series by Lenovo 
© 12.1" XGA w/ X@1024x768 
© 1.5 GHz Pentium-M 758 

© 60 GB hard drive 

* 512-1536 MB RAM 

* 802.11a/b/g wireless, GigE 
© ACPI hibernate 
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YOUR BUSINESS AS§ SERIE 
AS YOU)DO. 


Intel® Xeon® Processors powering 

Ciara VXPRO™ server provide the quality 
and dependability to keep up with your 
growing business. 


3 Good Reasons to Buy from Ciara Technology 


Customizes Servers, Blade & Storage: 
Get the technology that’s right for your 
business and not right tor your supplier. With a 


capability to manufacture over 2500 systems a 
day, Clara is suited to accomodate any 
cuslomer requirernent. Our record growth 
enabled us in February 2008 to inaugurate an 
all-new, ultra-modem manufacturing plant of 
56/6.000 saf. Our systems are build under the 
ISO 9001 2000 certification. 


Incorporated in 1984, Ciara Technology 

is a world-class provider of computer 
systems including desktop, laptop, 

servers, storage, supercomputer clustors as 


well as olher software and inlegralion servic- 


es. All our systems are serviced by Ciara 
highly trained and certified technicians and 
system engineers. We are an accountable 
supplicr Onc single point of contact for all 
your technoloy needs. 


For all your computer needs visit us at 


ciara-tech.com 


1-866-789-7225 


Ciara have a strong working relationship with 
Intel, so we have access to information and 
support that give us — and you — significant 
advantages In deploying and managing your 
systems and applications. The resull is a 
more flexible solution that meets your current 
needs, while enabling easy expansion to 
accommodate emerging technologies and 
new business growth. 


VXPRO-R7230NH 
Affordable Starter Server 


Ultra Adatordable, 
Easy to Service 
Base Configuration 


Intel® Pentium® D Processor 920 
(2.8GHz Dual Core Processor) 
800MHz Front Side Bus 


2X2MB L2 Cache 


1GB (2x512MB) ECC DDR2 533 Memory 
(Expandable to 8GB) 


One 80GB (7,200RPM) SATA150 HDD 
(Up to 4 Hol Swap Hard Drives) 


Floppy and CD ROM Included 


1U Rackmout 
3 Years Warranty Retum to Ciara 


Additional 80GB (7,200RPM) SA 
Additional 10D (2 X512ME9 COO DORSRS 


Intcl, Intel logo, inte! Inside, Inte! inside logo, Intel Centrino, intel Centrino logo, Celeron, Intel Xcon, inte! 


EpcedStep, ttanium, 
lradorreries of Intel Conporalion or lls subzidiesies in lhe Uniled Glales and alhur counties. (1) inporlenl Inormalion. All prices, epecilicalionss and promolionesd ollere ee subject lo 
Cora be responsiibic for hotographics ormors, pricing omors. Al pricing in US dollar. Shipping and applicable taxcs arc not included. 


typography crrors, 


VXPRO-R7520BB2 
Low Voltage - 4 Cores Server 


Lxtremely Powerful 


Ultra Low Power Consumption 
Mid Server Configuration 


Intel® Xeon® LV Processor 
(2.0GHz Dual Core Processor) 
667MHz Front Side Bus 

?MB of Shared L2 Gache 


2GB (2x1GB) ECC/Reg DDR2 400 Memory 
(Expandable to 16GB) 


One 80GB (7,200RPM) SATA150 HDD 
(Up to 4 Hot Swap Hard Drives) 


Floppy and CD ROM included 


1U Rackmout 
3 Years Warranty Return to Ciara 


80GB (7,200RPM) SATA150 
Addtional 200 (2x 1GB) ECO/Reg DOR2 


Pentium, and Pentium fl Xcon arc trademarta or registered 
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1. Billions of Internet users: 1 

2. Number of computers on the Internet in the US in 1969: 2 

3. Number of years it took for the Internet to reach its first billion users: 36 
4. Estimated year when 2 billion will be reached: 2015 

5. Estimated year when 3 billion will be reached: 2040 

6. Annualized percentage growth rate in Internet use: 18 

7. US percentage of Internet users in 1995: 66 

8. US percentage of Internet users in 2005: 23 

9. Position of South Korea in broadband penetration: 1 

10. Position of China among Internet users under age 30: 1 

11. Millions of Firefox downloads by October 2005: 100 

12. Minimum Firefox market share in November 2005: 10 

13. Number of Netcraft’s ten most reliable hosts using Linux: 3 

14. Number of Netcraft’s ten most reliable hosts using an open-source OS: 7 
15. Position of Hostway, which runs Linux, among most reliable hosts: 1 

16. Position of Apache among most popular Web servers: 1 

17. Apache percentage of all Web servers: 70.98 

18. Millions of Weblogs as of January 4, 2006: 24.4 


19. Thousands of new Weblogs added each day: 70 


20. Thousands of Weblog posts created per hour: 33 


= S Ask the network before you ask the source. 
i] hey Saicl It —JEREMIE MILLER, FROM AN IM WITH ME 


..consider this a warning shot for anyone who is relying on closed source mod- 
ules. What you are doing is trying to take from Linux and not give anything back. 


The GPL explicitly forbids this, and Linux would not be good enough today for 
you to be using it without that protection. There is a reason why you are wanting 
to use Linux for your internal use, and why your customers are asking for it. 

—GREG KROAH-HARTMAN, REMARKING ABOUT HIS PROPOSED KERNEL PATCH THAT “SIMPLY MARKS ALL PCI FUNCTIONS 


AS ONLY ABLE TO BE USED BY GPL LICENSED KERNEL CODE” (www.kroah.com/log/2005/11/21#gpl_pci_core) 
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Thinkmate server and workstation 
products offer more configurations, 
and more customizable options 


than any other system builder. 


Xeon’ 
inside™ 


Thinkmate 10 Server, 2x Serial-ATA or SCSI drives with Intel® Xeon® Processors 


Dozens of customizable 
systems online, unlimited 
possibilities by phone. 


>» Rackmount Servers 

> High-Performance Servers 
> Storage Servers 

> Pedestal Servers 

> Silent Workstations 

> Blade Servers 

> Clustering 

> Notebooks 


Onerating System Options: 

Thinkmate systems are available with either No 
OS, or pre-loaded with Linux or Microsoft 
Windows operating systems. Thinkmate also 
offers dual-boot and virtualization options. 


| 100% True Hardware Customization: 


Thinkmate is an innovative provider of an exten- 
sive variety of computer solutions. We completely 
customize all of our machines to match your indi- 
vidual needs. Our online quoting and ordering 
system has more customizable options than any 
other system builder on the web. If you can't find 
exactly what you need on our site, then give us a 
call and we would be more than happy to help you 
find it! 


service: 

Thinkmate takes Customer service to a new level. 
All of our systems have a minimum of a 3-year 
advanced replacement warranty and offer up to a 
3-year next business day onsite warranty through 
IBM Global Services. We understand mission 
critical situations and provide superior services to 
keep all of our customers satisfied. 


GSA Scheduling: ; 

We offer rapid GSA scheduling SEL Schedule 
for custom configurations. If you have a specific 
hardware requirement, we can have your configu- 
ration posted on the GSA schedule within 2-4 


"(8001 371-1212 


' weeks. 
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ite subsidiaries in the United Slates and other countiies. All ngtia reserved 


Low Price, Low Power, 
High Reliability 
for Embedded Systems 


TS-7200 
shown with 

‘optional A/D converter, 
‘Compact Flash and RS-485 


as low as 


$1496 $119 wm 
= 200 MHz CPU 


Power as low as 1/2 Watt 


3 boards, over 
2000 configurations 


PC/104 expansion bus 
Fanless, no heat sink 

up to 256M onboard Flash 
up to 64M SDRAM 

10/100 Ethernet 

up to 30 DIO ports 

2 USB ports 

up to 5 COM ports 

Linux, NetBSD 


Real Time extension 


Design your solution with 
one of our engineers 


a” Over 20 years in business 
a” Never discontinued a product 
a Engineers on Tech Support 


x» Custom configurations and de: 
excellent pricing and turn-around 


% Most products stocked and a 
for next day shipping 


See our website for options, 
peripherals and x86 SBCs 


a . 
4% Technologic 


SYSTEMS 


We use our stuff. 


visit our TS-7200 powered website at 
www.embeddedARM.com 
(480) 837-5200 
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USER FRIENDLY by J.D. "Illiad” Frazer 


IS THAT A WIKI I SEE? 


COPTRIGHT © 2086 4.0, “Edad” Franer HTIP.//WAWAUSERFRIEMDLY.O8G/ 


MENT. BEST DISTRO AND 
BEST TEXT EDITOR. 


\ 
ANYTHING ELSE YOU THIN 


“> 
lg 


TULL NEED? 


\ 


Redraw Your 


Own Conclusions 


Back in July 2001, | had fun looking up Google search results for a bunch of different terms, and listed 


them in the October 2001 issue of the magazi 


So, we revisited those same items for this 
JULY 2001 


python 2,080,000 


ne. 
issue. Here are the results.—Doc Searls 


JANUARY 2006 


91,210,000 


active x 2,350,000 


107,000,000 


gates 3,020,000 


78,200,000 


kde 3,560,000 


29,100,000 


gnome 3,720,000 


27,100,000 


perl 7,650,000 


115,000,000 


jesus 8,800,000 


78,200,000 


boy 10,800,000 


159,000,000 


solution 13,300,000 


507,000,000 


girl 13,600,000 


137,000,000 


microsoft 20,200,000 


721,000,000 


god 24,300,000 


172,000,000 


sun 25,500,000 


523,000,000 


sex 28,400,000 


211,000,000 


linux 31,600,000 


420,000,000 


business 86,900,000 


2,950,000,000 


have 231,000,000 


3,970,000,000 


Just because your IT equipment goes dark 
doesn’t mean you have to go blind. 


Network down? 
eal No sweat. 
| ow! i me oes 
P No problem. 
With SecureLinx you can finally 
achieve true “lights out,” out-of- 
band data center management. 
And SecureLinx SLC has your 


back with the highest level of 
security available. For more 
information, check out the 
specs at lantronix.com/slc/ 
or call us at (800) 422-7055. 


Network anything. Network everything.” 


© Lantronix, 2006. Lantronix is a registered trademark, 
and SecureLinx is a trademark of Lantronix, Inc. 
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ee WELL-CONNECTED AWARDS Editor's 


WI N NER | Choice 


COLUMNS 


REUVEN M. LERNER 


Extending Web Services 
Using Other Web Services 


How to create a useful new Web service by tapping in 
to the power of two other freely available Web services. 


Last month, we looked at the latest incarnation of Web 
services offered by on-line giant Amazon. Amazon was one 
of the first companies to embrace Web services, and 
although some of its newer offerings require payments on 
a monthly or per-query basis, basic catalog searches are still 
available free of charge. 

If we think of each individual Web service as a function 
call, we can think of a collection of Web services, such as 
Amazon Web Services (AWS), as a software library. And 
although we can certainly create interesting applications with 
such libraries, it is often useful to create new libraries that sit 
on top of the existing ones. In many ways, the history of soft- 
ware is the history of creating increasingly powerful abstrac- 
tions by stacking libraries on top of one another. Outside of 
the classroom, most of us haven't ever had to implement a 
sort algorithm or create a buffered I/O library, simply because 
such things have been written and optimized by previous gen- 
erations of programmers. 

| thus believe that it's useful for us to consider AWS not 
as a set of routines that we can incorporate into end-user 
programs, but rather as a set of low-level libraries on top 
of which we can (and should) create new libraries appropri- 
ate for our specific needs. 

This month, we look at a simple example of what | 
mean. The project will reflect my love of books. The Internet 
has made it difficult for me to stop buying used books, 
because so many are available at low prices. But, I’m fortu- 
nate to be spending several years in Skokie, Illinois, which 
has an excellent public library. Skokie’s library has not only 
an extensive collection, but it also has a Web-based inter- 
face to the book catalog. Our project for this month, thus, 
is to create a Web service that integrates Amazon's catalog 
with the information from the Skokie public library. In other 
words, we're going to write a Web service that itself relies 
upon another Web service. The input to our service will be 
an International Standard Book Number (ISBN); the output 
will be an indication of the book's availability and price at 
Amazon and the Skokie library. 

In some ways, this Web service will duplicate the excellent 
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Book Burro plugin for the Firefox Web browser, which | 
often use to find the best bargains. And indeed, Book 
Burro looks at both bookstores and public libraries in order 
to find books. | recommend Book Burro to everyone who 
uses Firefox. But, | believe that building your own simple 
Web service, even if it duplicates the functionality of 
another program, is a worthwhile endeavor. 

Moreover, Web services have the advantage of being 
available from any programming language and any applica- 
tion. | can implement my Web service using Ruby, and peo- 
ple will still be able to access it from Java, Python, Perl or 
virtually any other language. In many ways, this achieves 
what object broker middleware services like CORBA had 
promised, only without the baggage that made CORBA a 
more complex (but arguably more secure and rich) pro- 
gramming platform. It makes a Web service more powerful 
than a simple software library, because it can be accessed 
from any platform or language, so long as the requesting 
computer is connected to the Internet. 


Searching the Catalog 

In order to integrate an ISBN search for the Skokie library, 
we're going to need a way to query the library for informa- 
tion about book availability. Unfortunately, my library 
doesn't have a Web services API for querying its database. 
But, it does have the next-best thing, namely a simple Web 
interface that we can query. 

There are several ways to look through the output from a 
Web page. Because many sites now use HTML that can be 
parsed as if it were XML, we might want to use an XML-pars- 
ing library to read through the response from the library’s Web 
site, looking for particular text in specific places. 

Much as | might like the idea of such an approach, I’m 
probably not the only Web developer who takes a more practi- 
cal, quick-and-dirty look. | have used my library’s Web site 
enough times to know that there is a limited number of 
responses it might send back to me. As a result, I'll use the reli- 
able, if somewhat stupid, approach of looking for particular 
cues in the HTTP response. 
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Our program (skokie-lookup.rb, Listing 1) is written in 
Ruby, a language | have grown to enjoy more and more over 
the past few months. We begin by importing the included 
Net::HTTP module, which defines classes and methods that 
provide HTTP-based communication. 

We then check to make sure that we have at least one 


Listing 1. 


skokie-lookup.rb 


#!/usr/bin/ruby 


require “net/http® 


if ARGV.length == 
puts "#{$0}: You must enter at least one argument." 
exit 

end 


output = "" 


# Set up our regular expressions 

not_in_collection_re = /class="yourEntryWouldBeHereData"/ix 
on_shelf_re = /CHECK SHELF/ix 

checked_out_re = /DUE /ix 


# Iterate through each of our arguments 
ARGV.each do |isbn| 


# Ignore non-ISBN arguments 

if not isbn.match(/[0-9xX] {10}/) 
output << "ISBN #{isbn} is invalid.\n" 
next 

end 


# Ask the library what it knows about our ISBN 
response = Net: :HTTP.get_response('catalog.skokie.lib.il.us', 
"/search~S4/i?SEARCH=#{isbn}") 


# Check our regular expressions against the HTML response 
if not_in_collection_re.match(response. body) 

output << "ISBN #{isbn} is not in the Skokie collection. \n" 
elsif on_shelf_re.match(response. body) 

output << "ISBN #{isbn} is on the shelf.\n" 
elsif checked_out_re.match(response. body) 

output << "ISBN #{isbn} is currently checked out.\n" 
else 

output << "ISBN #{isbn} response: Unparseable!\n" 
end 

end 


# Show everyone what we've learned 
puts output 
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command-line argument, by looking at the built-in ARGV 
array. If the length of ARGV is 0, we know we weren't passed 
any arguments, and we should give the user a brief indication 
of how the program should be used. 

Then, we set up a number of variables that will be needed 
later on. The output variable is a string to which we will 
add any output we need to send to the user. We also create 
three Regexp (regular expression) objects, which we will use 
in our loop. 

Next comes the meat of the program. We iterate over 
each element of ARGV, first checking that it is a ten-character 
ISBN containing only numbers and the letter X. We then 
query the Skokie library’s Web site for that ISBN, passing 
Net::HTTP.get_response the hostname and path to the 
program we want. The HTTP response, including its headers 
and body, is then available in our response variable. 

Now we compare the response body against our three reg- 
ular expressions, checking which it matches. Using Ruby's << 
operator for concatenation, we add an appropriate message 
to the output variable for each ISBN. Finally, just before the 
program exits, it gives a full report of ISBNs. 


Combining the Search Results 

The above program works just fine, and it provides an easier 
way to query the Skokie library catalog than the standard Web 
pages. But, I’m interested in knowing how much the book 
would cost if | were to buy it from Amazon, as well as 
whether it's available from the library. With all of this informa- 
tion, | can then decide if | want to buy the book, check it out 
of the library or neither. 

Last month, we saw how we could use a REST-style 
request (that is, HTTP GET with arguments) to retrieve infor- 
mation from Amazon. Now we will write a program that per- 
forms that retrieval and then pulls out the relevant XML data. 

As you might remember, we can retrieve Web services 
information from Amazon by sending an HTTP request to 
webservices.amazon.com, asking for the document /onca/xml, 
and then specifying the Service, Operation and 
AWSAccessKeyld name-value pairs. If we are interested in 
learning about new and used prices for that ISBN, we then 
pass the Itemld parameter, and indicate that we want the 
ResponseGroup known as OfferSummary. 

Because Amazon returns XML in all of its responses, 
including those invoked with REST, we can parse through the 
XML to find the lowest prices for our book. Ruby comes with 
the REXML-parsing library, which works with XML in a number 
of different ways; we will use it to scan through Amazon's 
response for the appropriate code. 

Finally, we can rework our existing code, such that it will 
search the Skokie library for the ISBN and produce a textual 
summary. Listing 2 contains a program (combined-lookup.rb) 
that produces such combined output. 

combined-lookup.rb begins in almost the same way as 
skokie-lookup.rb, although it imports the rexml/document 
module along with the net/http module. It then iterates 
through ISBNs that were passed on the command line, 
ignoring those that don’t fit the strict definition. 
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The main addition to this program begins with the creation But, | felt that using a hash in this way would make it easier to 


of a string named amazon_params. In theory, we could have modify the code later on, even if it requires a bit more time to 
built this string in a number of different ways, many of them understand at first. 
less complicated than the combination of methods | chose. The basic idea is as follows: we create a hash, in which 


Listing 2 
combined-lookup.rb 


#!/usr/bin/ruby new_price = 
xml. root.elements["Items/Item/OfferSummary/LowestNewPrice/FormattedPrice"] 
require ‘net/http' if new_price.nil? 
require ‘rexml/document' output << "\tNew: None available\n" 
else 
if ARGV. length == output << "\tNew: #{new_price.text}\n" 
puts "#{$0}: You must enter at least one argument." end 
exit 
end used_price = 
xml. root.elements["Items/Item/OfferSummary/LowestUsedPrice/FormattedPrice"] 


wu 


output = if used_price.nil? 
output << "\tUsed: None available\n" 
# Set up our regular expressions else 
not_in_collection_re = /class="yourEntryWouldBeHereData"/ix output << "\tUsed: #{used_price.text}\n" 
on_shelf_re = /CHECK\s+SHELF/ix end 
checked_out_re = /DUE /ix 
collectible_price = 
# Iterate through each of our arguments xml. root.elements["Items/Item/OfferSummary/LowestCollectiblePrice/FormattedPrice"] 
ARGV.each do |isbn| if collectible_price.nil? 
output << "\tCollectible: None available\n" 
# Ignore non-ISBN arguments else 
if not isbn.match(/[0-9xx] {10}/) output << "\tCollectible: #{collectible_price.text}\n" 
output << "ISBN #{isbn} is invalid.\n" 
next 


end 


output << "ISBN: #{isbn}\n" 


# Ask the library what it knows about our ISBN 
library_response = Net::HTTP.get_response('catalog.skokie.lib.il.us'>, 
"/search~S4/i?SEARCH=#{isbn}") 


# Put together an Amazon parameter string # Check our regular expressions against the HTML response 
amazon_params = {'Service' => ‘AWSECommerceService', if not_in_collection_re.match(library_response. body) 
‘Operation’ => 'ItemLookup', output << "\tLibrary: Not in the Skokie collection. \n" 
"AWSAccessKeyId' => 'XXX', elsif checked_out_re.match(library_response. body) 
"ItemId' => isbn, output << "\tLibrary: Checked out.\n" 
"ResponseGroup' => 'Medium,OfferFull', elsif on_shelf_re.match(library_response. body) 
"MerchantId' => 'All'}.map {|key,value|"#{key}=#{value}"}.join("&") output << "\tLibrary: On the shelf.\n" 
else 
# Ask Amazon what it knows about our ISBN output << "\tLibrary: Unparseable response\n" 
amazon_response = Net::HTTP.get_response('webservices.amazon.com' , end 


"/onca/xml?' << amazon_params) end 


xml = REXML: :Document .new(amazon_response. body) # Show everyone what we've learned 
puts output 
# Get the lowest new, used, and collectible prices 
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Listing 3. 
xmIrpc-lookup.rb 


#!/usr/bin/ruby # Get the lowest new, used, and collectible prices 
new_price = 
require 'net/http' xml, root.elements["Items/Item/OfferSummary/LowestNewPrice/FormattedPrice"] 
require 'rexml/document' if new_price.nil? 
require 'xmlrpc/server' isbn_output['New'] = "None available" 
else 
# Set our regular expressions isbn_output['New'] = new_price. text 
not_in_collection_re = /class="yourEntryWouldBeHereData"/ix end 
on_shelf_re = /CHECK\s+SHELF/ix 
checked_out_re = /DUE /ix used_price = 
xml. root.elements["Items/Item/OfferSummary/LowestUsedPrice/FormattedPrice"] 
if used_price.nil? 
isbn_output['Used'] = "None available" 
else 
isbn_output['Used'] = used_price.text 
# Start an HTTP server on port 8080, to listen for clients end 
server = XMLRPC: : Server .new(8080) 
collectible_price = 
server.add_handler (name="atf. books", xml. root.elements["Items/Item/OfferSummary/LowestCollectiblePrice/FormattedPrice"] 
signature=['array', ‘array']) do |isbns| if collectible_price.nil? 
isbn_output['Collectible'] = "None available" 
output = [ ] else 


isbn_output['Collectible'] collectible_price.text 
# Iterate through each of our arguments 
isbns.each do |isbn| 


isbn_output = {'ISBN' => isbn} 


# Ignore non-ISBN arguments 

if not isbn.match(/*[0-9xX] {10}$/) 
isbn_output['message'] = "ISBN #{isbn} is invalid." 
output << isbn_output "/search~S4/7i?SEARCH=#{isbn}") 


# Ask the library what it knows about our ISBN 
library_response = Net: :HTTP.get_response('catalog.skokie.lib.il.us', 


# Check our regular expressions against the HTML response 

if not_in_collection_re.match(library_response. body) 
isbn_output['Library'] = "Library: Not in the Skokie collection." 

elsif checked_out_re.match(library_response. body) 
isbn_output['Library'] = "Checked out." 

elsif on_shelf_re.match(library_response. body) 


# Put together an Amazon parameter string 
amazon_params = {'Service' => 'AWSECommerceService', 
‘Operation’ => 'ItemLookup', 
"AWSAccessKeyId' => 'XXX', 


isbn_output['Library'] = "On the shelf." 
else 


isbn_output['Library'] = "Unparseable response. 
end 


"ItemId' => isbn, 
"ResponseGroup' => 'Medium,OfferFull', output << isbn_output 
"MerchantId' => 'All'}.map {|key,value|"#{key}=#{value}"}.join("&") end 


# Ask Amazon what it knows about our ISBN output 
amazon_response = Net: :HTTP.get_response('webservices.amazon.com', end 
‘/onca/xml?' <<amazon_params) 
server .serve 


xml = REXML: :Document.new(amazon_response. body) 
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the keys are the AWS REST parameter names, and the 
values are the corresponding parameter values. In order 
to get these parameters into the standard format of 
param1=value1&param2=value2, we use map to create 
an array from the keys and values of the hash. Our array will 
contain strings, each of which is in the param=value format, 
joined together with an equal sign. Finally, we use join to 
combine all of those pairs with & signs between them, 
producing a string that we assign to amazon_params. 

With our parameters in place, we use Net::HTTP.get_response, 
just as we did before in skokie-lookup.rb. The hostname 
will be different, and the requested URL on that host will 
also be quite different, incorporating the parameters that 
we just assigned to amazon_params. But, the request is 
sent in the same way, and we retrieve the response in the 
same way as well. 

However, whereas the Skokie library sends its response in 
HTML, Amazon replies using XML. So, we fire up REXML, cre- 
ating a new instance of REXML::Document with the contents 
of the Amazon response. We then use the elements method 
on the response’s root node to find the lowest new, used and 
collectible prices. (Amazon provides each of these prices sepa- 
rately, which | admit is a bit annoying.) If the text within that 
node is nil, no such price exists, and we indicate that to the 
user. Otherwise, we can assume we got a price back—and a 
price formatted with a dollar sign and decimal point, at that— 
and we display it for the user. 


Creating a Web Service 

Now that we have created a combined lookup tool, how can 
we turn it into a Web service? (For the purposes of simplicity, 
I'm going to use XML-RPC. It would be equally valid to use 
SOAP or even to look for REST parameters.) 

The answer is easier than you might think. We will 
need to modify the program to take its inputs from the 
Web instead of ARGV. We also will need to send the out- 
put over the XML-RPC, back to the client that sent the 
original request. 

But the end result, as you can see in Listing 3, is not terri- 
bly different from what we had in Listing 2. And because it 
operates as a Web service, we can now incorporate its results 
into new programs that we might write. Better yet, we can 
create new Web services that use this service as an underlying 
foundation, thus stacking the functions even deeper, into even 
more useful libraries. 

Listing 3 begins by creating a new instance of 
XMLRPC::Server on port 8080. It then adds a new handler, 
which we call atf.books, and which both accepts an array as 
input and returns one as output. Using Ruby's block notation, 
the handler then iterates over each ISBN that it receives via the 
XML-RPC method call. 

The rest of the program is largely the same as combined- 
lookup.rb, with the exception of the output. Output to an 
XML-RPC method call, at least in this Ruby library, is accom- 
plished by placing the output in the final line of the block. 
Because we plan to return an array, we need to create and 
populate the array. We thus define output variable as an 
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Listing 4. 
xmIrpc-lookup-client.rb 


#!/usr/bin/ruby puts e.faultCode 
puts e.faultString 
require 'xmlrpc/client' end 


# Get the ISBNs from the command line # Display the results! 
isbns = ARGV results.each do |result| 
result.each do |key, value] 
# Connect to the server if key == "ISBN" 
server = XMLRPC::Client.new2 ("http //127 0.0.1: 80807", nil, puts "ISBN: #{value}\n" 
elise) 
# Send the ISBNs, and catch any faults that we find puts "\t#{key}: #{value}\n" 
begin end 
results = server.call("atf.books", isbns) end 
rescue XMLRPC::FaultException => e end 
fies; Merino 3 


empty array and add one element to it for each ISBN we check. Each ele- 
ment of that array then will be a hash (known as a struct in XML-RPC jar- 
gon), with the ISBN key pointing to the book's ISBN, and the New, Used 
and Collectible keys pointing to the prices retrieved from Amazon. 

The server program then concludes with a call to server.serve, starting an 


WA FR ia i ik G = infinite listener loop for a simple HTTP server. 
To test this program, you need an RPC client; a simple one is shown in 


NIGHTSTAR LX™ IS HABIT-FORMING, AND MAY Listing 4 and takes its arguments from the command line. You'll notice that 
CAUSE EXTREME FEELINGS OF EUPHORIA. we use Ruby’s exception-handling mechanism to watch for potential prob- 


lems. If there is an error on the server, we can trap it and print a useful 
debugging message. 


Conclusion 
Seasoned programmers rarely implement everything themselves. The days 
in which every application needed its own video and printer drivers, to 
say nothing of a filesystem or operating system, are long behind us. 
Instead, we now have hierarchies of software libraries, with each library 
making use of lower-level data and functions and also performing similar 
tasks for higher-level libraries. 

Web services haven't changed the need for building new libraries on 
top of old ones. Indeed, we can expect to see an explosion of such new 


’ A libraries in the future. The difference is that new libraries will often be 
based on Web services, which provide platform and language indepen- 
Natural ability and ordinary debuggers can take you just so far. That’s why dence. We will see basic, middleware and high-level Web services, avail- 
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time and lower costs. NightStar LX. Experience rea/ power for a change. server fired off a query to Amazon's Web services. Information from 


Amazon was then combined with another data set, with results that are 
useful to anyone living in Skokie, Illinois. We can expect to see similar 
aggregating Web services in the future, both free of charge and for pay. 


Resources for this article: www.linuxjournal.com/article/8828.— 
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MARCEL GAGNE 


Cooking with Linux 
Podcast on the Menu 


If you don’t get a buzz off the wine, you will 
surely get high on these podcast download tools. 


Relax, Francois! | wasn’t trying to scare you. | pulled your 
earphones out because it is nearly time for our guests to 
arrive, and | couldn't seem to get your attention any other 
way. What were you listening to anyhow? The New Scientist 
podcast? Very nice, mon ami. | did not realize that you were 
ascinated by science stories. | must admit, that particular 
podcast is one of my favorites as well. | regularly download 
several programs including that one. Sometimes | listen to 
hem on the Linux system where | have downloaded them. 
Other times, | copy them to my handheld and take them on 
the road. Podcasts are a great diversion on trains or while 
sitting in waiting rooms. Best of all, there are tons of great 
programs out there, from pros and amateurs alike with 
opics covering pretty much anything you can think of. 

Quoi? It takes a while, you say? You don’t really manually 
download all your podcasts, do you? Right-click and Save As 
off the Web page? Really, Francois, there are much better 
ways to do this. Luckily, those helpful programs are the 
subject of tonight’s menu. But for now, | see that our guests 
have arrived and we must attend to them immédiatement! 
Welcome, everyone, to Chez Marcel, home of fine wine, 
delectable Linux fare and, of course, the most excellent 
clientele. Please, allow me to help you to your tables. Make 
yourselves comfortable. Francois, to the wine cellar! Head to 
the north wing and bring back the 2002 New Zealand Pinot 
Noir, the Marlborough, please. 

Francois and | were just discussing podcasts and the need 
for some way to download and collect them effectively. 
Chasing down podcasts, looking for new programs and down- 
loading them can take a frightful amount of time. That’s why 
podcast aggregators are such a great idea and why so many 
clients exist. Some graphical clients are rich and complex, like 
the wine—we'll look at one shortly. Others are much simpler. 
One of the simplest podcast aggregators I've seen, Linc 
Fessenden’s BashPodder, is nothing more than a bash shell 
script and a tiny one at that. Head over to the BashPodder 
Web site (see the on-line Resources), and download the 
bashpodder.shell script and the parse_enclosure.xsl file. When 
you get the two, copy them into the folder of your choice. 
Then, have a look at the script. At less than 1K, you won't 
believe how simple it is. 

Excellent, Francois. That was very fast. Please pour for our 
guests. Enjoy, mes amis. 

A sample configuration file, bp.conf, is also available for 


32 | april 2006 www.linuxjournal.com 


download from the BashPodder site. The sample file includes 
some of Linc’s favorite podcast feeds, so feel free to download 
it if you are curious as to his tastes, but the format is simple 
enough that you won't need it. bp.conf is simply a collection 
of feed links. For instance, here's a file with three feeds, one 
for the New Scientist podcast, Brian Ibbott’s Coverville and the 
BBC's excellent /n Our Time. 


http://www.newscientist.com/podcastfeed.ns 
http: //www.coverville.com/index. xml 
http://www.bbc.co.uk/radio4/history/inourtime/mp3/podcast. xml 


| store this file in the same directory from which | run the 
bashpodder.shell script file: 


sh bashpodder.shell 


The script creates a folder with the date of the run as its 
name (for example, 2006-01-04). BashPodder runs silently and 
downloads all of the current podcasts to that folder. Set the 
program to run in a cron job, and you will always be right up 
to date. Be warned, however, that BashPodder will download 
all of the current downloads for the particular feed. There’s no 
picking and choosing. 

Eskild Hustvedt’s GoldenPod is also a command-line driven 
program that is simple to use and easy to set up in a cron job 
for unattended downloads. This one uses Perl instead of bash 
and adds some useful features that aren't present in the much 
simpler BashPodder. GoldenPod can run silently (with the -s 
command switch), but it also can report on its progress as it 
works. You can elect to download only the most recent pod- 
cast in a series rather than the entire collection (which can 
sometimes be huge). GoldenPod also can list available podcasts 
without downloading, copy files to a portable player, clean up 
old podcasts and provide statistics on how much space your 
podcasts are taking up. All this for less than 32K. 

Get your copy of GoldenPod from the Web site (see 
Resources) and extract the tarball into the directory of your 
choice. If you simply run ./goldenpod from the folder in 
which you extracted it, the program will report that your pod- 
cast list is empty, but it also will create two new directories for 
you in your home folder. The first is called .goldenpod, which 
contains your configuration files and podcast list. The second is 
called Podcasts, and this is where your podcasts will be down- 
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loaded. In the 
~/.goldenpod folder, 
there are two files: 
goldenpod.conf 
and podcasts.conf. 
The format of the 
podcasts.conf file—a 
text file that you can 
edit using your 
favorite editor—is 
the same as 
BashPodder's 
bp.conf file, essen- 
tially a list of pod- 
cast feed addresses. 


Figure 1. GoldenPod 

is a simple, command- 
line-driven podcast 
aggregator. 


Once you have 
added feeds, simply 
run the program again to start the download. You may want 
to try goldenpod --dry-run to see what you are in for or 
goldenpod -f to download only the latest. You then can see 
the progress of your downloads on your terminal (Figure 1). 

When the download is done, you'll find m3u playlist files 
in each of the podcast directories corresponding to your feeds 
(for example, ~/Podcasts/catalog/showname/showname.m3u). 
Sure, it’s all command line, but once again, this is a great pro- 
gram to run in a cron job, quietly in the background, perhaps 
while you sleep. From time to time, it is also a good idea to 
run the program with the --stats option to see how many 
programs you have and how much space they are taking up. 

Of course, there are graphical podcast aggregators for 
Linux as well, which, by their nature, expand upon the feature 
sets of the two I’ve mentioned. The perfect podcast aggrega- 
tor would, for starters, contain its own directory of podcasts, 
categorized into an easy-to-search list of topics. Complement 
that with an easy one-button system to add feeds, a new 
show scanning feature so you don’t have to go looking for the 
latest shows and a system of automatic scheduled downloads 
running in the background, and you've got the makings of a 
great program. As it turns out, Scott Grayban’s CastPodder 
does all those things. Your first step toward podcast Nirvana 
is to head over to the CastPodder Web site (see Resources) 
and download a copy of the latest program. There, you'll 
find packages for Mandriva and Debian, as well as tarred 
and gzipped source packages. 

When you start CastPodder for the first time (command 
name: CastPodder), it creates a folder and subfolder 
called iPodderData/downloads in your home directory. You 
can override this default by selecting Preferences from the 
File menu. The CastPodder interface itself has the usual 
menu bar running along the top offering access to all the 
program's features. There are four main tabs labeled 
Downloads, Subscriptions, Podcast Directory and Cleanup. 
If it isn’t already selected when you start, click the Podcast 
Directory tab, and you'll see a list of folders describing var- 
ious directories and top podcast collections available. 
Before you go hunting for interesting shows, click the 
Refresh icon on the far left of the icon bar. That's the best 
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way to make sure you are working from a recent list. 

Now, let's get back to those podcast directories. 
Perhaps the most interesting here is the iPodder.org : 
Podcasting Central folder, because it contains the massive 
list of podcasts from iPodder.org. Click the small arrow 
next to the folder to list the categories, subcategories and, 
finally, all the various podcasts that correspond to that cat- 
egory. To subscribe to a podcast, click the title and then 
click the Add button. If the podcast you want isn’t listed 
here, you can add it manually by clicking Tools on the 
menu bar and selecting Add a Feed. As you subscribe to 
various podcasts, subdirectories with the names of those 
podcasts will be created in ~/iPodderdata/downloads. For 
instance, | have folders called Coverville, New Scientist 
Podcast and Quirks and Quarks from CBC Radio among 
others. Each folder holds that particular show's podcasts, 
so make sure you have a lot of disk space. 

Let's go back to the Subscriptions tab (Figure 3). A list of 
all the podcasts to which you have subscribed is in the top 
half of the main window. Click any of these shows, and the 
bottom pane lists the various episodes, the size of the show 
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Figure 2. No need to go hunting through podcast directories— 
CastPodder provides its own extensive list. 
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Figure 3. Subscription lists allow you to individually select episodes for 
download. 
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and its location on the Web. Look to the far left next to the 
episode title, and you'll see a check box. Click this box to 
flag the episode for download. If there is a little green 
arrow next to the episode title, that means it already has 
been downloaded to your Linux system. 

Once you have selected the episodes you want, click 
the first button on the left of the icon bar, the one that 
says Scan for new Feeds when you pause your mouse 
cursor over it. The button will turn gray, and the download 
of your podcasts will begin. To see the progress of those 
downloads, click on the Downloads tab. You'll see the 
current state of the download, as well as the speed and 
percentage completed of the transfer (Figure 4). 

Finally, we get to the whole point of finding and down- 
loading all these shows, and that's listening to them. Take 
a look again at that little green arrow to the left of your 
downloaded episodes (this applies to both the Download 
and the Subscriptions tab). Either double-click the entry or 
right-click and select Play episode in media player from the 
pop-up menu. By default, XMMS will start to play the pro- 
gram you've chosen (Figure 5). It's possible to override this 
choice of player, but your choices are limited to XMMS, 
the Beep Media Player and no player at all. To make the 
change, click File on the menu bar and select Preferences. 
Then, in the Preferences window, click on the Player tab. 

CastPodder swallows down into a nice, lemony applet 
in your system tray so that the program can keep running 
out of the way. This is particularly handy when you consider 
CastPodder's scheduling functionality. From the 
Subscriptions tab, click the Scheduler button on the icon 
bar to automate your podcast downloads. Automatic 
updates and downloads to subscribed feeds can be set to 
run at a specific time of day or at regular intervals 
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Figure 5. By default, CastPodder launches XMMS to play your podcasts. 


throughout the course of the day. That way, you don’t 
have to spend time checking up on new episodes. Just let 
CastPodder do the work for you. 

It appears, mes amis, that closing time is almost upon 
us. Still, | should mention one final CastPodder feature 
before | finish and that has to do with cleaning up. Earlier 
on, | mentioned that it is good to have lots of free space 
if you get into the habit of downloading several podcasts. 
It is also a good idea to clean up those old shows as new 
ones continue to be downloaded. Click the Cleanup tab 
and CastPodder lets you select individual episodes by the 
podcast feed name and easily delete them. It is also possi- 
ble to select them all with a single click should you want 
every episode deleted. 

It is now closing time, but | see that many of you are in 
the middle of searching for and subscribing to many interest- 
ing programs in the podcastverse. Take a little more time, mes 
amis. I'm sure that Francois will be more than happy to refill 
your glasses one final time before before we say, “Au revoir". 
Hmm...perhaps one of you can check to see if there are any 
podcasts dedicated to wine. On that note, please raise your 
glasses, mes amis, and let us all drink to one another's health. 
A votre santé! Bon appétit! 


Resources for this article: www.linuxjournal.com/article/ 
8829 m 
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DAVE TAYLOR 


Calling All Functions, 
and Some Math Too! 


Shuffle off to the next step in creating a shell script Blackjack game. 


If you've been keeping track of my column, you'll know that 
we're building a Blackjack game as a shell script. Why? Because 
most shell scripts are far too boring to study without nodding 
off, so considering all the nuances of shell script programming 
within the context of a game just sounds more fun! 

My last column talked about how to shuffle a deck of cards, 
as portrayed in a program with a simple array of 52 values, 1-52. 
There are some interesting nuances to the shuffle problem. 
Let's start there. Then we'll look at how to turn an arbitrary 
1-52 value into a familiar rank and suite from a deck of cards. 


The Shuffle Function 
If you've been writing shell scripts since the dawn of UNIX, you 
might not have realized that modern shells now support func- 
tions and procedures, just like a “real” programming language. 
For any block of code that you plan on executing more than 
once, it's the way to go. 

Here's the shuffle code, written as a shell function: 


function shuffleDeck 


{ 
count=1 
while [ $count -le 52 ] 
do 
pickCard 
newdeck[$count]=$picked 
count=$(( $count + 1 )) 
done 
} 


This builds an array called newdeck, which is actually the 
shuffled deck (in the last column we showed deck, which was 
an array of cards in linear order), and it uses some basic shell 
math with the $(( )) notation to save spawning a subshell to 
invoke expr for each increment of the count variable. 

| said that shell scripts are robust programming environ- 
ments and that might be a tiny bit of hyperbole, really. 
Eagle-eyed readers will notice that the pickCard function 
returns its value by setting a global variable, picked, which 
isn’t really optimal programming strategy. But it works, and 
pragmatism is an important part of any good approach to 
software development, isn't it? 

The full pickCard function is key to making this work, but it 
is too long to include here, so grab it from the L/ FTP site for 
your reading pleasure (ftp.ssc.com/pub/lj/listings/8774.tgz). 
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With the shuffleDeck function written and an initializeDeck 
function, as shown here: 


function initializeDeck 


{ 
card=1 while [ $card -le 52 ] do 
deck[$card]=$card card=$(( $card + 1 )) 
done 
} 


it’s easy to do the rudiments of shuffling the deck and dealing 
out two cards for the player and two for the dealer: 


initializeDeck shuffleDeck 


echo "** Player's hand: ${newdeck[1]}, ${newdeck[3]}" 
echo "** Dealer's hand: ${newdeck[2]}, ${newdeck[4]}" 


Let’s run this and see what kind of results we get: 


$ ./blackjack.sh 
** Player's hand: 22, 49 
** Dealer's hand: 11, 8 
$ ./blackjack.sh 
** Player's hand: 19, 32 
** Dealer's hand: 49, 10 
$ ./blackjack.sh 
** Player's hand: 44, 23 
** Dealer's hand: 46, 11 


Displaying cards as a numeric value from 1-52 is not 
the most friendly, so let's turn our attention to the display 
of the card values in the familiar rank and suite of a tradi- 
tional deck of playing cards. 


Math Games to Identify Rank and Suite 
A deck of cards is composed of 52 cards, split evenly into 
four suites of 13 cards. The order of the suites doesn’t 
matter (in Blackjack, at least), but the rank does. Indeed, 
the goal of the game is have a summary rank value of 21 
points without going any higher. 

The rank of a card is the remainder of the numeric card 
value divided by 13. In math terms, this is called the modulus 
and can be computed thusly: 


rank = cardvalue % 13 
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WORK THE SHELL 


To put this into proper shell notation, we'll again use the 
$(()) shortcuts and end up with: 


rank=$(( $card % 13 )) 


Getting the suite should be simple too; it’s the other 
half of the division. In other words, if the card value is 17, 
then 17/13 = 1, meaning it's suite #1, and 17% 13 = 4. 
Since we'd like to have our suites in the range of 1-4, 
rather than 0-3, however, we'll need to add one to the 
equation. Further, the 13th of each card is the same suite 
as the earlier 12, so we'll also have to subtract one before 
we do the division (card #13 would be suite #1 if we just 
calculated 13/13, but if we calculate 12/13 for that, we'll 
correctly identify it as part of suite #0). 

This is very confusing, so here’s the equation instead: 


suite="$(( ( ( $card - 1) / 13) + 1))" 


Much clearer, right? Seriously, you can experimentally veri- 
fy that this works correctly. The important edge cases are 
value=1, value=12, value=13 and value=14. If you can get 
those right, you're good for all values in the deck. 

Once we've identified the rank and suite of a card, we 
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just have to do a bit of fancy footwork to turn numbers 
into words: 


case $suite in 
1 ) suite="Hearts" 
suite="Clubs" 
suite="Spades" 
suite="Diamonds" ;; 
echo "Bad suite value: $suite"; exit 1 


case $rank in 
0 ) rank="King" 
1) rank="Ace" 
11) rank="Jack" 
12) rank="Queen" 
esac 


Put these together in a function called showCard (which 
returns $cardname as the calculated rank and suite), and we 
can now clean up a bit: 


jnitializeDeck shuffleDeck 


echo =n "** Player"s hand: “ 
showCard ${newdeck[1]} ; echo -n "$cardname, " 
showCard ${newdeck[3]} ; echo "$cardname" 
echo -n "** Dealer's hand: “ 
showCard ${newdeck[2]} 
showCard ${newdeck [4] } 


; echo -n "$cardname, " 
; echo "$cardname" 


Now we can start to see the game come together! 
Consider: 


$ ./blackjack.sh 

** Player's hand: 8 of Clubs, 3 of Diamonds 
** Dealer's hand: King of Spades, 3 of Spades 
$ ./blackjack.sh 

** Player's hand: 2 of Spades, 4 of Spades 

** Dealer's hand: 10 of Spades, 4 of Hearts 


Let's stop here this month as that’s a lot of code to dig 
through already. | invite you to pop over to the LJ FTP site 
to grab all the source code so far, so you can experiment 
with this script yourself too. 

Next month, we'll start looking at the game logic itself, 
but for now, Vegas beckons for a big tradeshow and, well, 
| can write it off as research for Linux Journal, can't |?m 


Dave Taylor is a 26-year veteran of UNIX, creator of The Elm Mail System, and most recently 
author of both the best-selling Wicked Cool Shell Scripts and Teach Yourself Unix in 24 
Hours, among his 16 technical books. His main Web site is at www.intuitive.com. 
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Security Features in SUSE 10.0 


SUSE is a security-friendly distribution with a plethora of security-related tools. 


Over the years, we've seen more and better security 
features incorporated into our favorite Linux distributions. 
Distribution-specific security awareness manifests itself in 
many ways, including: 


@ Availability of security-enhancing applications. 

@ “Hardening” functionality in setup/installation scripts. 
m@ The way patches are handled. 

@ Default settings of network applications. 


This month, | begin a series of three articles on distribution- 
specific security in SUSE Linux, Debian GNU/Linux and Red Hat 
Enterprise Linux. These are the three distributions with which I've 
had the most experience, and they are arguably the three most 
popular. (But as with anything, if you want to contribute an article 
about your own favorite distribution, go for it! See our author's 
guide at www.linuxjournal.com/xstatic/author/authguide.) 
‘ll start with SUSE 10.0. SUSE is a general-purpose, commer- 
cially produced Linux distribution developed for Intel 32- and 64- 
bit platforms. Originally based in Germany and still primarily 
developed there, SUSE is now owned by Novell. There are a num- 
ber of different SUSE products, including SUSE Linux, a “person- 
al” version available from numerous retail outlets; SUSE Linux 
Enterprise Server, an “enterprise-grade” version available directly 
from Novell; and OpenSUSE, which is essentially the same as 
SUSE Linux but without installation media (it's installable only over 
the Internet), printed manuals or installation support. 

The basis of this article is SUSE Linux 10.0, that is, the com- 
mercial “personal use” version. Everything | say here should be 
equally applicable to OpenLinux 10.0, and mostly relevant to 
the Enterprise versions of SUSE. Presumably, the Enterprise ver- 
sions include additional security-related packages and features. 


Installing SUSE Linux 10.0 

System security begins with installation. This is your first oppor- 
tunity to make crucial decisions concerning what role the sys- 
tem will play, which software the system will run and how the 
system will be configured. Therefore, it’s useful to begin our 
discussion of SUSE security with the installation process. 

All versions of SUSE use YaST (Yet Another Setup Tool) both 
for initial system installation and for ongoing system administra- 
tion. Over the years, YaST has evolved from a simple RPM front 
end to a modular, comprehensive administration tool that can 
be used to configure not only low-level system software but 
also complex server applications such as Apache and Postfix. 
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We'll talk more about YaST shortly. Your immediate prob- 
lem during initial OS installation, however, is deciding which 
software packages to install. And if you're security-focused, 
this is a happy problem. SUSE Linux 10.0 offers a wide variety 
of security applications from which to choose. 

In my view, these applications fall into two categories: sys- 
tem security applications and security-scanning applications. 
The former include both general-purpose applications with 
strong security features—Postfix springs instantly to mind—and 
applications whose sole purpose is providing security controls 
to other applications or to the underlying operating system, of 
which tcpwrappers is a classic example. Table 1 lists the pack- 
ages in SUSE Linux 10.0 that enhance system security. 

Actually, the lengthy list of packages in Table 1 represents 
only particular favorites of mine and SUSE-specific selections. 
SUSE includes many, many more system security tools, includ- 
ing tcpd (tcpwrappers), openssl, chkrootkit, sudo and wipe. 
You can view the full list of packages included in SUSE 
Linux 10.0 at www.novell.com/products/linuxpackages/ 
professional/index_all.html. 

Besides securing the system on which you install SUSE, you 
may be interested in using a SUSE system to validate the security 
of other systems or of entire networks. SUSE is a good choice 
for this. Table 2 shows some SUSE Linux 10.0 packages that can 
be used for security scanning. Note that you should never install 
these packages (except perhaps Snort) on any Internet-connect- 
ed server. Each is of much greater use to an attacker than it is to 
you in that context. Scanning software should be performed 
from systems that are normally kept out of harm’s way. 

If you're new to SUSE, you should be aware that by default, 
YaST uses a Selections filter (view) for selecting packages, in 
which only a small subset of all available packages is offered 
to you. If you don't see something you need in this view, for 
example, nessus-core, use the Package Groups filter to see a 
more complete set of categories. If you want to see a single list 
of all packages in alphabetical order, simply set the filter to 
Package Groups and click on the group zzz All (Figure 1). 

You also can set the filter to Search to search for packages 
by name or keyword. 

After you've selected and installed all software packages, 
YaST allows you to set the root password and create the first 
(nonroot) user account. By default, SUSE uses Blowfish for 
password encryption, and YaST checks the password you type 
for complexity. (Too-simple a password can be easily guessed or 
brute-force cracked by an attacker.) 

You're also given the opportunity to enable local firewall 
scripts (enabled by default), and the SSH and VNC remote-shell 
daemons (both disabled by default). Note that of the latter two, 
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Table 1. Some Security-Enhancing Packages in SUSE Linux 10.0 


Package Name 


Description 


aide, fam 

bind-chrootenv 

clamav, antivir 

cracklib 

gpg, 9pg2, gpa 

ipsectools, openswan 
openldap, freeradius 
proxy-suite 

seccheck 

subdomain-utils, subdomain-profiles, 
mod-change-hat and so on 
squid, SquidGuard 
SUSEfirewall 

syslog-ng 

tinyca2 

yast2-firewall 

vsftpd 


xen, FAUmachine, uml-utilities, bochs 


Table 2. Security Scanners in SUSE Linux 10.0 


Package Name 


File integrity checkers, both similar to Tripwire. 

Automatically creates a chroot environment in which to run BIND (the DNS demon) more securely. 
Antivirus packages—clamav is completely free, but antivir is commercial (free for personal use). 
Library and utilities to prevent users from choosing easily guessed passwords. 

GNU Privacy Guard (gpg), a versatile and ubiquitous e-mail- and file-encryption utility. 

Tools for building IPsec-based virtual private networks. 

Open-source authentication demons. 

An FTP security proxy developed by SUSE. 


SUSE-customized cron scripts that perform various security checks against logs, system state and so on, and send 
e-mail reports to you. 


AppArmor, a mandatory access control (MAC) system that restricts the behavior of specific binaries. 
SUSE uses this instead of SELinux, which it closely resembles. 


Squid is a popular HTTP/HTTPS proxy. SquidGuard adds access controls and other security features. 
SUSE’s handy front end for Linux’s netfilter/iptables. 

Advanced system logger, much more powerful than syslogd. syslog-ng is SUSE’s default logger. 
Front end to OpenSSL for managing Certificate Authorities. 

Firewall functionality. 

The Very Secure FTP Demon. 


The Xen, FAUmachine, User Mode Linux and BOCHS virtual machine environments. 


Description 


ethereal, tcpdump 

fping 

john 

kismet 

nessus-core, nessus-libraries 
nmap 


snort 
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Excellent packet sniffers. 

Flood ping (multiple-target ping). 

John the Ripper, a password-cracking tool (legitimately used for identifying weak passwords). 
Wireless LAN sniffer. 

The Nessus general-purpose security scanner. 

Undisputed king of port scanners. 


Outstanding packet sniffer, packet logger and intrusion detection system. 


noted, runs perfectly well in text (ncurses) mode, with exactly 
the same modules and options as the X version. Also, tightvnc, 
the version of the VNC remote-desktop tool shipped with 
SUSE, doesn't encrypt session data, only authentication data. 

Note also that at installation time, you aren't given the 
opportunity to customize your local firewall settings. Initially, a 
default script is used that provides a simple “allow all out- 
bound transactions, allow nothing inbound that wasn’t initiat- 
ed locally” policy. In other words, the default SUSEfirewall 
script is perfectly appropriate for most desktop systems, but it 
is inadequate for server use. You can change this later on by 
running YaST’s Firewall module. 

YaST then lets you choose from the following methods for 
authenticating nonroot users: 
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Figure 1. Viewing All Available Packages in YaST eer 
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Linux 10.0, via Kerberos. 

Once you've selected an authentication method, you can 
create your first nonroot user account. Be sure to leave 
Automatic Logon disabled unless your system has very low 
security requirements indeed—enabling this causes the 
machine to log in your nonroot user automatically at boot 
time. (About the only situation in which this is a good idea, 
| think, is for kiosk-type systems!) 

And that's it—SUSE installation is now finished! Your job 
as a security-conscious system administrator, however, is not. 


Security-Related YaST Modules 
After the first time you boot your newly minted SUSE Linux sys- 
tem, you immediately should log in as your unprivileged user and 


Table 3. Security-Related YaST Modules 


YaST Section 


Software 


Network Services 


Novell AppArmor 


Security and Users 


Module Name Description 


Online Update 


invoke YaST. If you do this from within KDE or GNOME, you'll be 
prompted for the root password automatically, but in a text-con- 
sole session, you need to use su_-c to invoke /sbin/yast. 

As | mentioned earlier, YaST has a lot of security function- 
ality built in. YaST modules particularly relevant to system 
security are listed in Table 3. 

Of these YaST modules, Online Update is one of the most 
important. You immediately should use it to configure auto- 
matic patch downloads and, unless your system is under a 
change-control process, automatic patch installation as well. 
YaST Online Update was one of the first automatic patch utili- 
ties offered in a major Linux distribution, and it’s still one of 
the best. Use it to take advantage of SUSE’s excellent record of 
providing prompt, well-tested security patches. 


Sets up manual and automatic software updates. 


Software Management 


Virtual Machine Installation (XEN) 


For installing and removing packages. 


Creates virtual machines for the Xen 3 virtual machine environment. 


/etc/sysconfig Editor 


System Services (Runlevel) 


Powertweak 


Edits damon startup parameters. 
Manages startup scripts. 


Sets advanced kernel parameters, such as TCP timewait sockets. 


DNS Server 
HTTP Server 
LDAP Client 
Mail Transfer Agent 


Kerberos Client 


Remote Administration 


Configures BIND. 

Configures Apache. 

Sets up LDAP authentication and lookups. 
Configures Postfix or Sendmail. 


Sets up Kerberos authentication, including Active 
Directory. 


Configures TightVNC. 


Various 


For managing AppArmor mandatory access controls on specific binaries. 


Firewall 


Local Security 


Group Management 


User Management 
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For managing netfilter/iptables settings. 


Determines password complexity and length, password aging, file-permission 
schemes and various other system security parameters. 


Used to create, edit and delete group accounts. 


Used to create, edit and delete user accounts (actually the same 
module as Group Management, which is dual-purpose). 


Annual 
Technical 
Conference 
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Figure 2. YaST’s The Firewall module (Figure 2) is also extremely useful, 

Firewall Module especially if you're uncomfortable creating and managing your 
own firewall scripts (| acknowledge that people like me, who 
find this fascinating and fun, are rare). Similarly, Group/User 
Management eliminates the need for you ever to edit 
/etc/group or /etc/passwd manually. 

The Virtual Machine Installation module and Novell 

AppArmor section are also especially noteworthy. So much so, 
in fact, that | should spend some time talking about SUSE’s vir- 
tual machine and mandatory access control systems, respec- 
tively, in a little more depth. 


Virtual Machines in SUSE Linux 

You may recall my article “The Future of Linux Security” [LJ, 
August 2005], in which | touted virtual machine environments 
and hypervisors (aka security monitors) as being an important 
new direction in system security. If you don’t recall this, the 
gist of it is that it’s because MAC schemes such as SELinux are 
viewed by many people as too complex. A simpler approach 
instead is to run each major application or service on its own 
virtual machine. That way, if for example a virtual machine in 
which Sendmail is running gets compromised, a virtual 
machine running Apache2 on the same physical hardware 
won't be in immediate or direct danger. 

Virtual machines, therefore, provide a powerful and easy- 
o-understand means of isolating complex applications from 
each other. And, SUSE Linux 10.0 includes no fewer than 
hree different virtual machine technologies. 

The Xen 3 environment, which originated at Cambridge 
University, is provided by SUSE as a “technology preview”. To 
he best of my determination, this simply means that because 
Xen 3 is an immature and potentially unstable application, SUSE 
is simply trying to lower people's expectations of its usability— 
he version of Xen 3 in SUSE Linux 10.0 isn’t a special preview 
or evaluation version or anything like that. Xen 3 supports Linux, 
FreeBSD, NetBSD and Plan9 “guest” (virtual) systems. 

Alternatively, the FAUmachine virtualization environment 
includes RPM packages that enable support for SUSE 9, 
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Debian 3.0, OpenBSD 3.5/3.6 and Red Hat 9 guest systems. 
One advantage of FAUmachine over Xen 3 is that in 
FAUmachine, the guest systems’ kernels run on the host sys- 
tem with nonroot (unprivileged-user) permissions. 

User Mode Linux is another virtualization environment 
offered in SUSE Linux 10.0 via the uml-utilities package. Like 
FAUmachine, its guest kernels run without root privileges. 


Novell (Immunix) AppArmor 

However, not everyone has given up on MAC-based system 
security, and SUSE has covered this area handsomely by acquir- 
ing and repackaging Immunix’s AppArmor (aka Subdomain). 
AppArmor is similar to SELinux, in that it allows you to restrict 
the behavior of specific processes, with an effect similar to but 
more effective than running them in chroot jails. 

(Note that although SUSE provides the libselinux package 
and includes SELinux functionality in its default kernel, SELinux 
isn't officially supported in SUSE Linux. You need the packages 
available at www.cip.ifi.lmu.de/~bleher/selinux to run 
SELinux in SUSE Linux.) 

The document /usr/share/doc/packages/subdomain-docs/ 
ug_apparmor.pdf, included in the subdomain-docs 
package, is the AppArmor User's Guide, and it tells you 
everything you need to know about configuring and using 
AppArmor. Suffice it to say for now that if you simply run 
the YaST AppArmor Control Panel module and enable 
AppArmor, a default profile is loaded that includes 
settings for many common demons and commands, 
including netstat, ping, traceroute, firefox, evolution, 
gaim, syslogd, acroread, ethereal, appropos, procmail, 
postfix (smtpd, and so on), Apache2 (httpd2-prefork), 
nscd, identd, ntpd, sshd and squid. 

This is a limited-feature version of AppArmor, so apparently 
it provides only a subset of features available in the full $1,250 
US version. Personally, I'm not clear as to precisely what the dif- 
ference is, though—everything | tried to do with the version in 
SUSE Linux 10.0 seemed to work fine, so this would not 
appear to be a too significantly crippled edition. Perhaps the 
full version includes a longer list of preconfigured applications. 


Conclusion 

These aren't SUSE Linux 10.0’s only security features. | haven't 
talked about how secure many applications’ default settings 
are (in general they're quite secure, with daemons running 
with nonroot privileges whenever possible, network listeners 
such as sshd typically disabled by default and so on). 

This is a very security-friendly version of SUSE Linux indeed. 
Remember, though, that real security begins with you—little of 
SUSE’s security potential is realized until you configure or at 
least enable it yourself! Hopefully, this article has helped you 
get a feel for what that potential is. 

Next month, it’s on to Debian 3.1. Until then, be safe!m 


Mick Bauer (darth.elmo@wiremonkeys.org) is Network Security Architect for one of the 
US's largest banks. He is the author of the O'Reilly book Linux Server Security, 2nd edition 
(formerly called Building Secure Servers With Linux), an occasional presenter at informa- 
tion security conferences and composer of the “Network Engineering Polka”. 
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The Producer Electronics 


Revolution 


The open media revolution is upon us with blogs and podcasts leading the way. 


I’m writing this on the way back from the Consumer 
Electronics Show (CES) in Las Vegas—the biggest tradeshow 
on Earth. This year, 150,000 visitors came to see 2,500 
exhibits spread across 1.3 million square feet. One of those 
visitors was Andrew Leyden of PenguinRadio, who joined 
me for a day of hunting for Cool Linux Stuff. Andrew is a 
consumer electronics veteran, making Linux-based Internet 
radios since 1999. 

Andrew is a walking case study in resourcefulness and per- 
sistence, as well as living proof that, as he puts it, “The com- 
mercial sphere is shrinking and the DIY sphere is growing.” 

You wouldn't have heard a statement like that from 
the brand-name companies and keynoters who starred at 
CES. Not from Bill Gates, who gave the opening keynote 
(which, in a long-standing tradition for me, | missed— 
though thousands waited hours to attend). Not from Intel, 
which brought Tom Hanks, Danny DeVito, Morgan Freeman 
and other stars on stage to promote its proprietary new 
“content delivery” system. Not even from Larry Page of 
Google, who gave a sincere, human and blessedly unscripted 
keynote, guest-starring Robin Williams, who was funny 
as hell. 

CES is a commercial sphere, and most of us continue 
to live in commercial environments. That's what proprietary 
systems are. And, that’s why Google (which runs its massive 
search infrastructure on Linux and participates in many 
open-source development communities) introduced a raft of 
products and services at CES that ran only on Windows 
clients. One was a new video store that worked only for 
Windows clients built by Google, and which required 
Google’s own DRM. When | asked Larry if and when Google 
would come out with stuff that ran on other clients, he 
admitted that it was "a problem” and said they're working 
on it. At least when Google says that, | believe them. Out 
on the CES show floor, when an executive with another 
company answered the same kind of question with “We're 
always looking to improve the user experience”, Andrew 
and | could barely conceal our utter disbelief. 

Of course, everybody talked about “putting the user in 
charge” and “having your media your way”, but there was 
little credit given to users who really do take charge, oper- 
ate independently and even produce their own media. In 
his 1995 essay “Death From Above”, John Perry Barlow 
wrote, “America remains a place where companies produce 
and consumers consume in an economic relationship which 
is still as asymmetrical as that of bomber to bombee.” It’s 
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bad enough that this asymmetry persists in consumer elec- 
tronics. It’s especially discouraging to see leaders in the 
computer business—Intel, Dell, Microsoft, Apple and even 
Google—go Hollywood on us. 

| heard about the user-side revolution only from 
bloggers, podcasters and wiki writers, most of whom are 
glad to take advantage of Linux, open source, free soft- 
ware and free markets. Consumer electronics is gradually 
being transformed by all these developments, even as its 
largest brand names still labor, with success, to herd 
consumers into proprietary silos and walled gardens, 
now guarded by shiny new DRM systems. 

But the revolution will soon become undeniable, even if 
it isn’t televised. 

When | first started talking with Andrew, seven years 
ago, PenguinRadio was a hardware start-up, making radios 
for playing .mp3 streams. The company still does that, but 
now most of its revenue comes from advertising in its pod- 
cast directory (podcastdirectory.com). Weekly visitors 
have gone from 150 to 3 million. 

A good starting point for measuring the growth of 
podcasting appears in “DIY Radio With Podcasting”, a 
piece | wrote for IT Garage (Linux Journal's sister site) on 
September 29, 2004. There, | said, “... now most of my 
radio listening is to what Adam Curry and others are start- 
ing to call podcasts. That last link currently brings up 24 
results on Google. A year from now, it will pull up hun- 
dreds of thousands, or perhaps even millions.” 

| guessed low. According to Wikipedia, “There were 
526 hits on September 30, then 2,750 three days later. 
The number doubled every few days, passing 100,000 
by October 18. A year later, Google found more than 
100,000,000 hits on the word ‘podcasts’.” 

Today (in early January 2006), “blog” brings up 510 million. 
Perspective: that’s 56 million more than the word “consumer”. 

“Weblog” brings up 141 million. “Wiki” brings up 240 million. 

Compare those to some of the numbers we tracked in 
UpFront (p. 20), and you'll see how big this transformation is. 

It has been my privilege to stand several inches away 
from ground zero for both the Weblog and podcast explo- 
sions. My own blog (doc.weblogs.com) was launched in 
October 1999, when “blogfather” (of weblogs.com, RSS 
and too many other developments to name) Dave Winer 
sat me down and insisted | start blogging. Today my blog 
is in Technorati's Top 100, out of the 24.7 million blogs 
(or sources of RSS feeds) tracked by the service. Of the 


3.55 million results Google yields for my name, 2.61 also 
mention “blog”. That's compared to 510,000 that 
also mention “linux”. 

Technorati was born in November 2003, when David 
Sifry hacked it up as a research tool to help write the first 
Linux Journal story on blogging. Today Technorati is the 
#708 Web site on Earth, according to Alexa’s traffic rank- 
ings. That's ahead of the A9.com search engine, which 
(like Alexa) is owned by Amazon.com. Technorati is 
searched several dozen million times a day. (Disclosure: 
I'm on the Technorati advisory board.) 

As for podcasting, | enjoy membership in the Gillmor 
Gang, a popular weekly podcast that began in 2004. 
Steve Gillmor’s gang takes an hour or so of my time 
each week. Blogging takes more, but mostly because 
my efforts have spread to IT Garage, my SuitWatch 
newsletter and Linux Journal's own Web site, all of which 
have RSS feeds and plenty of subscribers. Although my 
personal blog might run up to a thousand or more words 
a day, it doesn’t take much time because | treat it as a 
form of public e-mail: a kind of “cc:world”. In fact, most 
of what | write in my blog is in response to e-mails. The 
est is in response to subscriptions to keyword searches 
in Technorati, Pubsub, Google's Blogsearch and other 
engines that operate in the Live Web that updates con- 
stantly (rather than from the relatively Static Web of sites 
hat change slowly and aren’t syndicated). 

| say all this because | think that many people—even some 
Linux Journal readers—still don't know the extremely high 
everage blogging, podcasting and wiki writing can provide. If 
you write something useful, or provocative, that adds sub- 
stance to the world—and if you link out to others who serve 
as sources or also have interesting things to say—the results 
can be amazing. Search for “Saving the Net” or “Linux is a 
species”, and you'll find stuff | wrote (both for Linux Journal) 
at or near the top of the results. 

These results aren't due to “search engine optimization”, 
but rather to the fact that | try to write stuff that’s useful, 
funny, moving, productive or otherwise interesting—knowing 
that others will want to write about the same things. 

All three of this month's topics—blogs, podcasts and 
wikis—are extraordinarily useful levers on the world. One big 
reason is that they're personal. Back in the early days of 
Weblogging, Dave Winer described a blog as “the unedited 
voice of an individual”. 

Blogs and podcasts (and even wikis in some cases) can 
make us much more valuable as employees as well. My 
roommate at CES was Robert Scoble, a friend of many 
years who has recently become Microsoft's most well- 
known blogger, with around 25,000 readers a day. A 
few days before we got together at CES, Robert raised 
eyebrows by lambasting his employer for taking down 
a blogger under pressure from the Chinese government. 
Speaking frankly to, as well as for, his employer, has been 
good for both Robert and Microsoft. 

Yet, we still tend to see companies as the main instru- 
ments of progress, even when the subject is open source. 


Feed acold, starve a fever... 
better yet: 


Avoid a virus. 
Use BitDefender! 


At least that's what 
41 million of our users say. 


BitDefender is an award-winning 
producer of anti-virus software and data 
security solutions providing protection 
to satisfy the requirements of today's 
computing environment. 


¢ Best reaction to malware 
as certified by: Andreas Marx 
(www.av-test.org) 

¢ Available for mail and file servers 

¢ Answers to critical administrator 
needs: performance, stability 
and compatibility 


¢ Compliant with FreeBSD 4 & 5 
as well as all popular Linux distros 


Now you should feel 
quite a BIT better. 


“S bitdefender 


secure your every bit 
Try it for free | www.bitdefender.com 


Visit us at Linux World in Boston, April 4-6, 2006 Booth #1234 
For a FREE copy of our Linux and FreeBSD Security Solutions 
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For example, take a BusinessWeek article 
(www. businessweek.com/technology/content/dec2005/ 
tc20051228 262746.htm) from December 28, 2005. The title 
says “A Watershed for Open Source In 2005”, and the teaser 
subhead says “The software movement finally gained traction in 
Corporate America and saw a new influx of VC cash. How will 
2006 shape up?” The article lists and describes the “five biggest 
open-source events of 2005”. The five involve 1) Red Hat, 2) Sun 
Microsytems, 3) Motorola, 4) Firefox and 5) venture capitalists. 

If | had to name five watersheds, | would list developments 
instead of events. And | would look at what developers and 
users are doing together over a long period of time, rather 
than what companies, funders and projects happened to do in 
the year just past. 

Three of my top five developments would be blogs, wikis 
and podcasts. Not sure what the other two would be. Why? 
Because |'ve heard Linus and the kernel developers say, “That’s 
user space. | don’t do user space.” So my natural response is 
to say “That's not user space. | only do user space.” 

The fun thing about blogs, wikis and podcasts is that 
users and developers work closely together. In fact, that 
interaction is essential to progress. For evidence, look at 
the collaboration around microformats, tagging, structured 
blogging and OPML. The standards and practices of blogs, 
podcasts and wikis are all being pushed forward by individ- 
uals and developers, working together. 

In fact, my favorite explanation of what's good about the 
GPL came from Mark Pilgrim, in a blog post titled “Freedom 
0” (diveintomark.org/archives/2004/05/14/freedom-0), 
written shortly after Six Apart came up with a restrictive 
new license for Movable Type, its formerly (somewhat) 
open-source blogging software. One excerpt: 


Many people misunderstand Free Software and the GNU 
General Public License. Many people equate the GPL to 
the boogeyman, because it’s “viral”, and that sounds 
like a bad thing. Here's what viral licensing means: GPL 
software has the restrictions that it has, and that's it. 
The GPL is quite restrictive on developers, not at all on 
end users. (More on that in a minute.) Regardless, GPL 
software has the restrictions that it has, but it can never 
become more restrictive. An upgrade can’t take away 
freedoms that | enjoyed with an older version. 


A side effect of this is that if | write a GPL program and then 
lose interest, and someone else picks it up and continues 
development, they are forced to release their version under 
the GPL. A new developer can’t take away freedoms that | 
enjoyed with the old version either. 


| mention this because it’s exactly what happened with 
WordPress. It started life as b2, which was abandoned. But a 
year ago, a new community coalesced around a fork of the 
original b2, and it became WordPress. The new community 
included some of the original developers, and many new 
developers. Because the original software was GPL-licensed, 
WordPress was also GPL-licensed.... 
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... will never be surprised by the licensing of new versions 
of WordPress. 


Freedom 0 is the freedom to run the program, for any pur- 
pose. WordPress gives me that freedom; Movable Type does 
not. It never really did, but it was “free enough” so we all 
looked the other way, myself included. But Movable Type 
3.0 changes the rules, and prices me right out of the mar- 
ket. | do not have the freedom to run the program for any 
purpose; | have only the limited set of freedoms that Six 
Apart chooses to bestow upon me.... 


WordPress is free software. Its rules will never change. In 
the event that the WordPress community disbands and 
development stops, a new community can form around the 
orphaned code. It’s happened once already. In the extremely 
unlikely event that every single contributor (including every 
contributor to the original b2) agrees to relicense the code 
under a more restrictive license, | can still fork the current 
GPL-licensed code and start a new community around it. 
There is always a path forward. There are no dead ends. 


Today, a search for “WordPress” brings up 58 million 
results on Google. A search for “Movable Type” brings up 
46.3 million. 

| give enormous credit to Mena and Ben Trott, who wrote 
Movable Type and founded Six Apart, which today hosts mil- 
lions of MT-based TypePad blogs. The fact that Movable Type 
was “free enough” helped launch and continues to grow the 
blogging movement. | also give credit to Google's Blogger and 
Userland’s Radio Userland (which runs on Manila, which is 
written in Frontier, a scripting environment created by Dave 
Winer, who open sourced it with the GPL in 2004). 

Yet the bulk of development work around blogging 
(including work on syndication, tagging, outlining and other 
standards and practices) happens outside the corporate con- 
text. Matt Mullenweg is better known for his work with 
WordPress than for whoever his employer happens to be. 

Here's a revealing fact: the Wall Street Journal's new blogs 
(blogs.wsj.com) run on WordPress. 

There’s a reason this column is called Linux for Suits rather 
than Linux for Companies. It’s because Linux is about the peo- 
ple who write and use it, not about companies. Note the dis- 
tinction Linux kernel hackers make between “kernel space” 
and “user space”. My beat here is the business corner of user 
space. I’m more interested in what people do with Linux at 
companies than in what “Linux Companies” are up to. 

Blogs, wikis and podcasts grow naturally through the 
contributions of countless individuals in an environment 
built and enriched by work on free and open code. Non- 
free and non-open code can flourish there too. But it’s 
important to remember where this environment came 
from. Plenty of credit is due to companies. But far more is 
due to individuals. It’s what they produce that matters 
most. Not what the rest of us consume.m™ 


Doc Searls is Senior Editor of Linux Journal. 
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MPI Link-Checker "te the Rescue! 


Asingle slow node or intermittent link can cut the speed of MPI applications by half. Whether you use 
GigE, Myrinet, Quadrics, InfiniBand or InfiniPath HTX, there is only one choice for monitoring and 
debugging your cluster of SMP nodes: Microway's MPI Link-Checker”. 


This unique diagnostic tool uses an end-to-end stress test to find problems with cables, processors, 
BIOS's, PCI buses, NIC's, switches, and even MP! itself! It provides instant details on how latency and 
bandwidth vary with packet size. It also provides ancillary data on inter-process and intra-CPU latency, 
and includes FastCheck!, which runs in CLI mode and checks up to 100 nodes per second. 

A complimentary one year license for MPI Link-Checker™ is installed on every Opteron based 
Microway cluster purchased in 2006. 


Wondering what's wrong with your cluster’s performance, or need help designing your next one? 
Microway designs award-winning single and dual core AMD Opteron based clusters. Dual core enables 
users to increase computing capacity without increasing power requirements, thereby providing the best 
performance per watt. Configurations include 1U, 2U, and our 4U QuadPuter” RuggedRack™—available 
with four or eight dual core Opterons, offering the perfect balance between performance and density. 


Microway has been an innovator in HPC since 1982. We have thousands of 
happy customers in HPC, Energy, Enterprise and Life Science markets. 


Isn't it time you became one? CLUSTER) 


WINNER 
Cluster 
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Microway® Quad Opteron” Cluster with 
36 Opteron 880s, redundant power, , 
45 hard drives and Myrinet” in our 


CoolRak” cabinet. 23 Years of Expertise Built In 
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CRYPTOCard-Server Version 6.3 


With government spooks evidently reading all our e-mail, perhaps it's time to 
invest in a cryptographic solution for your sensitive data. CRYPTOCard-Server 


< LaCie’s GlobeTrotter 2.0 


If you need more capabilities than a bootable Flash or CD distribution of Linux 
offers, LaCie has released a bootable Linux distribution pre-installed onto a 40 or 
80GB USB hard drive. Based on its FA Porsche-designed USB hard drive family, 
the GlobeTrotter 2.0 features a copy of Mandriva Linux Limited Edition 2005 
pre-installed on the drive and tuned to launch on just about any system that 
supports booting from USB devices. The 40GB version retails for $139.99 US and 
the 80GB for $199.99 US, and it includes a one-month membership to Mandriva 
Online. The drives also include OpenOffice.org. 

www.lacie.com 


version 6.3 offers an all-in-one access solution combining a smart card or soft- 
ware token with a user-specific pin to validate access to the corporate network. 
Compatible with SUSE Enterprise Server and Red Hat Enterprise Linux 3, the 
CRYPTOCard solution can lock the doors to authorized users trying to sneak in 
via PPP, SSH, Samba and VPN solutions, as well as the Linux display managers. A 


five-user package with the server and five tokens is available for $499 US. 
www.cryptocard.com 


IceWarp Software 
Ltd.’s Merak Mail 
Server 


r] 
Are Cereer SEEray Excel Softwa re Ss You've got mail. Lots and lots of mail. Maybe you 
feet Ca ee ies eercneen| ue] Qu ickU M L 2 0 need the Merak mail server from IceWarp Software 
Ltd. Already a widely deployed server under 
Does your job require you to draw pretty Windows, the new Linux edition of the software is 
pictures with boxes and lines before you specifically tuned to the OS. Certified for use with 
get to write any code? If UML is party of Red Hat Enterprise Linux, it also has been tested 
your workplace reality, Excel Software has on Red Hat Fedora Core and Gentoo. Success also 
begun shipping QuickKUML 2.0 for Linux, has been reported on SUSE, Mandrake, Ubuntu 
Windows and Mac. According to Excel, and Debian distributions. The package includes 
QuickUML is designed to be, well, quick. antispam, antivirus, groupware and instant-mes- 
They claim that no formal training is needed to begin designing objects using the tool, and that saging capabilities, and it is designed for loads of 
QuickUML can generate code stubs for C++, Java or Delphi. Single-user licenses start at $295 US. up to 20,000 messages per minute and up to 


www.excelsoftware.com 


100,000 active accounts. Pricing runs from $210 
US for a single domain version to $5,700 US for a 
full-blown package with all the features. 
www.icewarp.com 


Please send information about releases of Linux-related products to James Turner at newproducts@ssc.com or 


New Products c/o Linux Journal, 1752 NW Market Street #200, Seattle, WA 98107. Submissions are edited for length and content. 
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Why is LPI the World’s #1 
IT certification? 


All Linux Professional Institute certification programs are created 
using extensive community input, combined with rigorous 
psychometric scrutiny and professional delivery. We test the whole 
continuum of important Linux skills - we don't just focus on small, 
subjective tasks. 


ive. 


LPI's program follows the LSB specification, so people who pass our 
tests can work on all major distributions. Because of its strong grass- 
roots base and corporate support both inside and outside the world 
of open source, LPI goes beyond "vendor-neutral” to truly address 
community needs. 


LPI exams are available in seven languages, at more than 7,000 
locations, in more than 100 countries. You take LP! exams when you 
want, where you want. In addition, special exam lab events around 
the world make our program even more affordable. And because we 
don't make exclusive partnerships, LPI is supported by a broad range 


of testing centers, book publishers and innovative suppliers of 
preparation materials. 


Linux 
Professional 
Institute 


For more information, 
Please contact us at 
Info@lpi.org or visit us at 
www. |pi.org. 


Why ! 
Don’t Like 
ledit: Get] 


Wikis 


I’ve been called a curmudgeon before [edit: because you are] 
and there are some technologies [edit: like television] that | don’t 
really see as astonishingly useful evolutionary steps in the world of 
information and technology, but even with that disclaimer, | have 
to say that I'm completely unimpressed with wikis and really don’t 
understand why so many other people love them so [edit: maybe 
because they're just smarter than you are, jerk!]. 


Intellectually, the idea of collaborative 
editing and maintenance of text documents 
is quite appealing, but the pragmatic reality 
of having essentially zero editorial control 
over content is problematic at best and dan- 
gerous at worst. Would you trust a medical 
encyclopedia built around wiki technology? 
[edit: These sort of rhetorical questions are just 
trite author tricks and should be axed.] 

A wiki, which gets its name from the 
Hawaiian phrase “wiki wiki", or “quick, quick”, 
is a simple software application that allows 
content to be separated from its presentation to 
make it trivially easy to have visitors modify and 
change any content that they see [edit: on a 
wiki-based Web site]. Mere-sephisticated [add: 
Just about all] wiki packages have a sophisticat- 
ed, if arcane [edit: it’s not arcane, you're just 
stupid] [edit: come on, when =a= and ==a== 
produce different formatting, it’s pretty arcane] 
[edit: screw you, |0s3r] markup language. 

If this article were hosted on a wiki [edit: too 
bad it’s not. Then we could fix all the inane com- 
mentary herein], you could decide that you don’t 
like my definition of the word “wiki”, or even the 
article title, click on an edit button and change 
things to your heart's content. There's a change- 
tracking mechanism built into all wiki systems 
(and it should be no surprise that’s a critical ele- 
ment [edit: if only to get rid of stupid edits]), but 
you can imagine that when pages can be edited 
and modified five, ten or even 20 or more times 
daily, it can fead-+to-a-painfulediteralrrarnage- 
PReAttask [add: be almost impossible to retain any 
sort of quality control over the content]. [edit: The 
point of a wiki is that there isn’t any editorial con- 
trol, though. This entire premise is false. ] 

Now, let’s say that | wanted to write about the 
infamous Skull & Bones Society and its intersection 
with the Illuminati, Opus Dei and the Bush family 
[edit: and your mama, too]. You can easily imagine 
that my take on this vast conspiracy might well be 
dramatically different from your take, and sure 
enough, there are certain types of content that 
realy suffer the worst in wikis, as the on-again, 
off-again article on JFK's assassination on 
Wikipedia demonstrates. It seems that a erackpet 
[add: guy who didn’t buy the government 
coverup] decided that there was a conspiracy 
involved in Kennedy's assassination and added that 
to the page. But others felt otherwise and purged 


the Wikipedia entry of his content. And he added 
it back. And they deleted it. To the point where it’s 
now impossible to know whether the page reflects 
the commonly held facts of the situation or some 
crank theory. [edit: Truth is subjective. ] 

Even with smaller groups, |’ve tried having 
a wiki for a team of about a dozen people, and 
the necessity of using the arcane wiki coding 
schemes and confusion of tracking edits rapidly 
diminished anyone's enthusiasm for the new 
technology and the project quickly ran out of 
steam. [edit: You were probably all just too 
st0Opd to use a wiki!] Document tracking in 
Microsoft Word is far, far easier, and it’s not 
that hard to e-mail files around, even in this 
day and age [edit: and horses and buggies? 
Is that your speed too?]. 

| suppose wikis have their place and 


certainly there are fans who find them a 
useful Web-based document “evolution” 
petri dish, if you will. [edit: Sheesh, can we 
PLEASE purge this guy of his clichés? This is a 
terrible article!] [edit: Yeah, and what have 
you written and published lately, chump?] 
[edit: Where is that relevant, |0s3r?] [edit: 
Can't you just GO AWAY and leave this page 
alone?] [edit: | will when it’s accurate] [edit: 
According to who, you?] [edit: Hey, | can edit 
this more than you can. Wanna test me?] 

Overall, though, the only time | have seen 
wikis work is when not everyone who wanders 
onto the site can edit the content, but if there's 
editorial control, it seems to be counter to the basic 
premise of wikis, that they're a tool for leveraging 
the collaborative editorial efforts of the public. 

That's why | believe that as technologies 
go, wikis are going to end up in the good 
idea, bad implementation, or, perhaps, good 
concept, bad fit with reality graveyard. [edit: 
That's okay, you'll be there too, Taylor, and 
this article shows exactly why. ]m™ 


Dave Taylor has been involved with UNIX and Internet technologies 
since 1980 and has picked some winners in the technology sweep- 
stakes (even in 1980 it was clear that e-mail was the killer app for 
networks), but backed some clunkers too. You can pick up the debate 
on his business blog The Intuitive Life, at www.intuitive.com/blog. 
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ocumentation. Tl! LEGGETT 


ess shows how wikis and blogs can 


Some goals of a good documentation system should be: 
H Make it easy for you and your coworkers to find relevant information. 


m@ Make it easy for new employees to come up to spee 


lit and retire documentation. 


M@ Make it easy to create 
@ Keep revisions of changes and who made them. 


@ Limit who sees or edits the documentation with an authentication system. 
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Why a Wiki? 

This is where a wiki comes in. From Wikipedia: “a wiki is a type of Web 
site that allows users to add and edit content and is especially suited for 
constructive collaborative authoring.” 

What this means is a wiki allows you to keep and edit your documentation 
in a central location. You can access and edit that documentation regardless of 
the platform you are using. All you need is a Web browser. Some wikis have 
the ability to keep track of each revision of a changed document, so you can 
revert to a previous version if some errant changes are made to a document. 
The only obstacle a new user must overcome is learning the particular markup 
language of your wiki, and sometimes even this is not completely necessary. 

One of a wiki’s features is also one of its drawbacks. Wikis are pretty 
free flowing, and although this allows you to concentrate on getting the 
documentation written quickly, it can make organization of your wiki 
rapidly spiral out of control. Thought needs to be put into how the wiki is 
organized, so that topics do not get stranded or lost. | have found that 
making the front page a table of contents of all the topics is very handy. 
However you decide to organize your wiki, make sure it is well understood 
by everyone else. In fact, a good first document might be the policy 
describing the organization of the wiki! 


TWiki 

There are several open-source wikis available, such as MediaWiki [see 
Reuven M. Lerner’s article on page 62 for more information on MediaWiki] 
and MoinMoin, each with its own philosophy on markup and layout, but 
here we concentrate on TWiki. Some of TWiki’s benefits are: 


@ A notion of webs that allows the wiki administrator to segregate areas 
of collaboration into their own areas, each with its own set of autho- 
rization rules and topics. 


@ A modular plugin and skin system that allows you to customize easily. 
@ A well-established base of users and developers. 

@ Revision control based on RCS. 

@ It is Perl-based and mod_perl or FastCGI can be used. 


@ Authentication is handled outside the wiki by mechanisms such as 
Apache htpasswd. 


The most current stable release at this time is Cairo, or TWiki20040904. It 
was released, as the name suggests, on September 4, 2004, and it has been 
proven to be very stable. However, it does lack some of the features of the 
current beta release, Dakar, that | find to be very useful. The Dakar release we 
use here is TWikiRelease2005x12x17x7873beta. 

Installing TWiki is relatively easy, but still needs work. | hope, as the 
beta progresses, we will see improvements in ease of installation and 
upgrading along with clearer documentation. 

First, you must create the directory where you want to install TWiki, say 
NvarAwww/wiki. Next, untar the TWiki distribution in that directory. Then 
you must make sure that the user with rights to run CGI scripts (usually 
apache or www-data), owns all of the files and is able to write to all files: 


install -d -o apache /var/www/wiki 

cd /var/www/wiki 

tar zxf /path/to/TWikiRelease2005x12x17x7873beta. tgz 
cp bin/LocalLib.cfg.txt bin/LocalLib.cfg 

vi bin/LocalLib.cfg lib/LocalSite.cfg 


HH H HH HK 


# chown -R apache * 
# chmod -R u+w * 


Now copy bin/LocalLib.cfg.txt to bin/LocalLib.cfg, and edit it. You need 
to edit the $twikiLibPath variable to point to the absolute path of your 
TWiki lib directory, /varAwww/wiki/lib in our case. You also must create 
lib/LocalSite.cfg to reflect your specific site information. Here is a sample of 
what might go into LocalSite.cfg: 


# This is LocalSite.cfg. It contains all the setups for your local 
# TWiki site. 

$cfg{DefaultUrlHost} = "http://www.example.com"; 
$cfg{ScriptUrlPath} = "/wiki/bin"; 


$cfg{PubUrlPath} = "/wiki/pub" 

$cfg{DataDir} = "/var/www/wiki/data"; 
$cfg{PubDir} = "/var/www/wiki/pub" 
$cfg{TemplateDir} = "/var/www/wiki/templates"; 
$TWiki::cfg{LocalesDir} = '/var/www/wiki/locale'; 


Here is a sample section for your Apache configuration file that allows 
this wiki to run: 


ScriptAlias /wiki/bin/ "/var/www/wiki/bin/" 

Alias /wiki "/var/www/localhost/wiki" 

<Directory "/var/www/wiki/bin"> 
Options +ExecCGI -Indexes 
SetHandler cgi-script 
AllowOverride All 
Allow from all 

</Directory> 

<Directory "/var/www/wiki/pub"> 
Options FollowSymLinks +Includes 
AllowOverride None 
Allow from all 

</Directory> 

<Directory "/var/www/wiki/data"> 
deny from all 

</Directory> 

<Directory "/var/www/wiki/lib"> 
deny from all 

</Directory> 

<Directory "/var/www/wiki/templates"> 
deny from all 

</Directory> 


TWiki comes with a configure script that you run to set up TWiki. This script 
is used not only on initial install but also when you want to enable plugins later. 
At this point, you are ready to configure TWiki, so point your browser to your 
TWiki configure script, http:/www.example.com/wiki/bin/configure. You 
might be particularly interested in the Security section, but we will visit this 
shortly. Until you have registered your first user, you should leave all set- 
tings as they are. If the configure script gives any warnings or errors, you 
should fix those first and re-run the script. Once you click Next, you are 
prompted to enter a password. This password is used whenever the config- 
ure script is run in the future to help ensure no improper access. 

Once you have completed the configuration successfully, it is time to enter 
the wiki. Point your browser to http:/Avww.example.com/wiki/bin/view, and 
you are presented with the Main web. In the middle of the page is a 
link for registration. Register yourself as a user. Be sure to provide a 
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valid e-mail address as the software uses it to validate your account. 
Once you have verified your user account, you need to add yourself to 
the TWikiAdminGroup. Return to the Main web and click on the Groups 
link at the left, and then choose the TWikiAdminGroup. Edit this page, 
and change the GROUP variable to include your new user name: 


Set GROUP = %MAINWEB%.TiLeggett 
Set ALLOWTOPICCHANGE = %MAINWEB%. TWikiAdminGroup 


The three blank spaces at the beginning of each of those lines are critical. 

These two lines add your user to the TWikiAdminGroup and allow 
only members of the TWikiAdminGroup to modify the group. We are 
now ready to enable authentication for our wiki, so go back to 
http://www.example.com/wiki/bin/configure. Several options provided 
under the Security section are useful. You should make sure the 
options {UseClientSessions} and {Sessions}{UselPMatching} are enabled. 
Also set the {LoginManager} option to TWiki::Client::TemplateLogin 
and {PasswordManager} to TWiki::Users:: HtPasswdUser. If your server 
supports it, you should set {HtPasswd}{Encoding} to shal. Save your 
changes and return to the wiki. If you are not logged in automatically, 
there is a link at the top left of the page that allows you to do so. 

Now that you have authentication working, you may want to tighten 
down your wiki so that unauthorized people do not turn your documenta- 
tion repository into an illicit data repository. TWiki has a pretty sophisticated 
authorization system that is tiered from the site-wide preferences all the way 
down to a specific topic. Before locking down the Main web, a few more 
tasks need to be done. Once only certain users can change the Main web, 
registering new users will fail. That is because part of the user registration 
process involves creating a topic for that user under the Main web. Dakar 
has a user, TWikiRegistrationAgent, that is used to do this. From the Main 
web, use the Jump box at the top left to jump to the WebPreferences topic. 
Edit the topic to include the following four lines and save your changes: 


Set ALLOWTOPICRENAME = %MAINWEB%. TWikiAdminGroup 

Set ALLOWTOPICCHANGE = %MAINWEB%. TWikiAdminGroup 

Set ALLOWWEBRENAME = %MAINWEB%. TWikiAdminGroup 

Set ALLOWWEBCHANGE = %MAINWEB%. TWikiAdminGroup, 
=> %MAINWEB%. TWikiRegistrationAgent 


This allows only members of the TWikiAdminGroup to make changes 
or rename the Main web or update the Main web's preferences. It also 
allows the TWikiRegistrationAgent user to create new users’ home topics 
when new users register. | have included a patch that you must apply to 
lib/TWiki/UI/Register.pm as well. The patch follows, but you can also down- 
load the patch from the LJ FTP site (see the on-line Resources): 


--- Lib/TWiki/UI/Register.pm.orig 2006-01-04 01:34:48.968947681 -0600 
+++ Lib/TWiki/UI/Register.pm 2006-01-04 01:35:48.999652157 -0600 
@@ -828,11 +828,12 @@ 


my $userName = $data->{remoteUser} || $data->{WikiName}; 
my $user = $session->{users}->findUser( $userName ); 

By my $agent = $session->{users}->findUser( $twikiRegistrationAgent ); 
$text = $session->expandVariablesOnTopicCreation( $text, $user ); 


$meta->put( 'TOPICPARENT', { 'name' => $TWiki::cfg{UsersTopicName}} ); 
- $session->{store}->saveTopic($user, $data->{webName} , 


+ $session->{store}->saveTopic($agent, $data->{webName}, 
$data->{WikiName}, $text, $meta ); 
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return $log; 


Otherwise, new users’ home directories will fail to be created and new 
user registration will fail. Once you have verified that the Main web is 
locked down, you should do the same for the TWiki and Sandbox webs. 

When you are done configuring TWiki, you should secure the files’ 
permissions: 


find /var/www/wiki/ -type d -exec chmod 0755 {} ';' 

find /var/www/wiki/ -type f -exec chmod 0400 {} ';' 

find /var/www/wiki/pub/ -type f -exec chmod 0600 {} ';' 

find /var/www/wiki/data/ -type f -exec chmod 0600 {} ';' 
find /var/www/wiki/lib/LocalSite.cfg -exec chmod 0600 {} ';' 
find /var/www/wiki/bin/ -type f -exec chmod 0700 {} ';' 
chown -R apache /var/www/wiki/* 


*# # HH HH HOH H 


As | mentioned before, TWiki has a plugin system that you can use. 
Many plugins are available from the TWiki Web site. Be sure the plugins 
you choose have been updated for Dakar before you use them. 


Keeping Your Users in the Know 

One important aspect of system administration that is sometimes over- 
looked is keeping users informed. Most users like to know when there is 
new functionality available or when resources are down or not available. 
Not only does it make users happier to be kept informed, but it also can 
make your life easier as well. The last thing you want to do when the cen- 
tral file server is down is reply to users’ questions about why they cannot 
get to their files. If you have trained your users to look at a central location 
for status of the infrastructure first, all you have to do after notification of 
a problem is post to this central place that there is a problem. Mailing lists 
also are good for this, but what if the mail server is down? Some people, 
for instance your boss or VP of the company, might like to know what the 
status is of things as they happen. These updates might not be suitable to 
send out to everyone daily via e-mail. You could create yet another mailing 
list for these notifications, but you also might consider a blog. 

If you are not familiar with a blog, let us refer back to Wikipedia: “a 
blog is a Web site in which journal entries are posted on a regular basis 
and displayed in reverse chronological order.” 

The notion of a blog has been around for centuries in the form of 
diaries, but blogs recently have had an explosion on the Internet. Many 
times a blog is started as someone's personal journal or as a way to report 
news, but blogs can be extremely useful for the sysadmin. 

Blogs can help a sysadmin give users an up-to-the-minute status of 
what they are doing and what the state of the infrastructure is. If you 
faithfully update your blog, you easily can look back on what you have 
accomplished so you can make your case for that raise you have been hop- 
ing for. It also will help you keep track of what your coworkers are doing. 
And, with many blog software packages providing RSS feeds, users can 
subscribe to the blog and be notified when there are new posts. 


WordPress 

There are a lot of blog software packages out there today, but here we 
cover WordPress. WordPress is fast and has a nice plugin and skin interface 
to allow you to customize it to your heart's content. The only requirements 
for running WordPress are Apache, MySQL and PHP. | don’t go into how to 
install WordPress, because the on-line documentation is very clear and easy 
to follow. Instead, | start where the installation leaves off and introduce 
some useful plugins. | suggest starting with WordPress v1.5.2 even though 
v2.0 is currently out. There have been some problems with the initial 2.0 


release that warrant waiting for v2.0.1. Also, many of the plugins have not 
had a chance to update to the new system. 

The first thing you should do after installing WordPress is log in as the 
admin user. Once logged in, you are presented with the Dashboard. At 
the top of the page is a menu of options named Write, Manage, Links 
and so on. You should first create an account for yourself by clicking on 
the Users option. Once that has loaded, two tabs labeled Your Profile and 
Authors & Users are available under the main menu. Click on Authors & 
Users, and scroll down to the Add New User section and fill in the text 
fields. Once your user has been added, it appears in the Registered Users 
section above. There are several columns of data, and one is Promote, 
which you should click on. Promoting a user makes that user an author 
and also allows that user to have more privileges based on its level. Once 
your user has been promoted, it will have a level of one. There are plus 
and minus signs on either side of the level to use to increase your user's 
level. Increase it to nine, which is the highest level a non-admin user can 
be. Should you ever need to delete users that have been promoted to 
authors, all you need to do is decrease their level below one and then 
delete them. | have included a link to a more in-depth description of the 
privileges of each user level in the on-line Resources. 

There are a few other options you might consider changing. In General 
Options, there are check boxes to allow anyone to register to become a blog 
user and to require users to be logged in to add comments. You may or may 
not want these options enabled, depending on your security concerns and 
the openness of your blog. At our site, users cannot register themselves, 
though anyone can post comments without being logged in. You should 
explore all the menus and all their options to tweak them for your site. 


WordPress Plugins 

WordPress has a very modular plugin system, and a lot of people have 
written many plugins. WordPress also has a notion of categories. 
Categories can have many uses, but one might be to create mini-blogs for 
different communities of users or to group posts about a specific aspect of 
the infrastructure. But, you might not want all users to be able to see every 
category. The Userextra plugin, in conjunction with the Usermeta plugin, 
allows you to control exactly this sort of thing. Once you have followed 
these plugins’ installation instructions, two more menus are available under 
Options and one more under Manage that allow you to refine access. 

Another plugin you may find useful is the HTTP Authentication plugin. This 
plugin lets you use an external authentication mechanism, such as Apache's 
BasicAuth, as a means to authenticate to WordPress. This is great if you already 
have an LDAP directory or Kerberos realm that you use for authentication and 
you have mod_auth_Idap or mod_auth_kerb up and running. 

Many more plugins are available for WordPress from the WordPress Codex 
and the WordPress Plugin DB. If you feel some functionality is missing, there 
are plenty of examples and documentation available from the WordPress Web 
site, and these plugin repositories can help you write your own plugin. 


Wrapping Up 

| hope that after this whirlwind tour of wikis and blogs you have come to 
see how they can be beneficial to help your shop run a smoother ship and 
provide your users with all the information they might want. Just as there 
are many different sails to keep your ship sailing, there are many different 
wiki and blog software packages out there. The right package for you is 
the one that keeps your users happy and you productive. 


Resources for this article: www.linuxjournal.com/article/8832.m 


Ti Leggett (ti@daleggetts.com) is a full-time system administrator. When he’s not working, he might be found 
playing his Gibson B-25 or doing some home improvements or wood working. 
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All you need to know to install and use 
the powerful MediaWiki system. Reuven M. Lerner 


| was first introduced to the idea of a wiki many years ago. A colleague 
at work told me about a Web site that invited readers to become writers 
and editors. Over time, he said, a wiki would grow to include a great deal 
of knowledge, drawing from the collective experience, without the need 
for any centrally coordinated assignment or editing. My gut reaction was 
one of great ambivalence. On the one hand, a community of well-meaning 
and well-disciplined users could indeed use a wiki in many useful ways. But 
at the same time, it seemed like an invitation for chaos. And, admittedly, 
chaos has sometimes been the result. 

Over the years, wikis have become increasingly common. Dozens of 
different software packages are now available, in nearly every program- 
ming language and for nearly every Web/database framework. The ques- 
tion is no longer whether a wiki is available, or how easily one can be 
installed, but rather whether a wiki is an appropriate tool for your needs 
and which of the existing packages is the best fit for your organization. 

And although the jury is still out, at least in part, regarding the long-term 
viability of public wikis, the amazing Wikipedia Project has demonstrated that 
it is possible to have surprisingly good results. A research study released sever- 
al weeks before | wrote this article reported that when it comes to science- 
related articles, Wikipedia is only slightly less accurate than Encyclopaedia 
Britannica. Given that Britannica is written and edited by paid experts, while 
Wikipedia relies on volunteers (who may, of course, still be experts), it is clear 
that wikis do not necessarily lead to the chaos that | feared. 

That said, | have a strong feeling Wikipedia’s reputation was pre- 
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served not because of the public's inherent love for wikis, but because 
of a dedicated team of Wikipedians who operate behind the scenes to 
ensure that the content is viable. 

As | wrote above, there are many options for creating a wiki on your 
own Web server. One of the best-known packages is the same one that 
powers Wikipedia, known as MediaWiki. In this article, we discuss how 
you can install MediaWiki on your own server, how you can create and edit 
static content and how you can even create dynamic special pages. 


Installing MediaWiki 

Although Wikipedia contains an enormous amount of text, the MediaWiki soft- 
ware on which it runs is surprisingly small, straightforward to understand and 
easy to install. The software itself is written in PHP, and it relies on a MySQL 
database for content and indexing. That is, none of the pages on a MediaWiki 
site exist as files on disk; instead, they are created on the fly by the PHP pro- 
grams, bringing together a number of elements for each individual visitor. 

To install the MediaWiki software, you thus need a server running both 
PHP and MySQL. PHP works on a number of platforms, but we will 
assume, for the purposes of this article, that you are using the Apache 
server with relatively recent versions of PHP (at least 4.1.2, although 4.3 is 
preferred) and MySQL (at least 3.2.x, but 4.0.x is preferred). Most modern 
Linux distributions either include PHP and MySQL or make them available 
from on-line repositories without too much trouble. You need administra- 
tive privileges for both Apache and MySQL in order to install MediaWiki. If 


you don’t run your own server, you might need to ask the system adminis- 
trator for some help in modifying the appropriate configuration files. 

Although you can download the MediaWiki software directly from 
SourceForge, you should look for it on the main MediaWiki site, 
www.mediawiki.org. Once on that page, click on the versions and down- 
load link (on the right side of the page), and then on the appropriate link 
for the current stable release. Download an older or experimental release 
only if you understand the problems that might be associated with it. 

The software comes as a .tar.gz file containing the version number. 
For example, the file that | downloaded is called mediawiki-1.5.3.tar.gz, 
indicating that | downloaded version 1.5.3, current as of December 21, 
2005. Keep that file in a temporary location (| generally prefer to put 
such files in a directory named /downloads); we will return to it after 
taking care of our Apache configuration. 

If your site will run only MediaWiki software, there is probably no rea- 
son for you to modify your Apache configuration file, traditionally named 
httpd.conf. In such cases, you can unpack the .tar.gz file in your site's 
htdocs directory, as described in the instructions on the MediaWiki site. If 
your distribution uses another directory as its document root, you'll obvi- 
ously have to adapt to your distribution’s preferences. 


Virtual Servers 
If you want to put the MediaWiki installation in a virtual server on an existing 
Apache installation, you need to modify the Apache configuration file to cre- 
ate a new virtual host on your system. Modern versions of HTTP require that a 
Web browser request a document from a specific hostname. The virtual host 
feature in Apache allows one Web server to serve documents for many differ- 
ent hostnames, even when all of the names resolve to a single IP address. If 
you just want to try MediaWiki without affecting the rest of your site, or if the 
majority of your site runs under a framework (such as Zope or Ruby on Rails) 
that is largely incompatible with MediaWiki, a virtual host might well be a 
wise move. | often use such virtual hosts to experiment with new software 
and configurations without potentially endangering existing, stable sites. 
Apache's VirtualHost sections allow you to configure one or more such 
virtual servers, each with its own configuration. In configuring MediaWiki 
for my system, | needed the following VirtualHost section in httpd.conf: 


<VirtualHost 69.55.225.93> 


ServerName wiki.lerner.co.il 
ServerAlias mediawiki.lerner.co.il wikipedia.lerner.co.il 
ServerAdmin reuven@lerner.co.il 


DocumentRoot /usr/local/apache/v-sites/wiki.lerner.co.il/www/ 
DirectoryIndex index.php 


CustomLog 
/usr/local/apache/v-sites/wiki.lerner.co.il/logs/access-log combined 
CustomLog 
/usr/local/apache/v-sites/wiki.lerner.co.il/logs/referer-log referer 
ErrorLog /usr/local/apache/v-sites/wiki.lerner.co.il/logs/error-log 


</VirtualHost> 


The first two lines of this VirtualHost section define the name and 
aliases for this new virtual server. By adding aliases, | ensure that even 
if people enter a different name, they will get to the right place. 
(Because | have asked my hosting company to alias all hostnames in 
the lerner.co.il domain to my server's IP address, | can add and remove 
new virtual hosts whenever | want, without having to modify the DNS 
configuration.) | then set ServerAdmin to be my own e-mail address, 
ensuring that error messages will direct people to me. 

Next, | indicate that the root directory for the wiki—that is, where 
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Apache should look for the PHP programs that define it—is under 
/ust/local/apache/v-sites, where | put all of the virtual servers on my machine. 
Each site then gets a subdirectory according to its name, with two directories 
(www and logs) under that. So in the above configuration, | have defined 
the DocumentRoot to be under v-sites/wiki.lerner.co.il/www, and | have put 
the access, referer and error logs under v-sites/wiki.lerner.co.il/logs. 

Once | have added the above configuration to httpd.conf, | restart 
Apache. At this point, I'll get an error if | go to http://wiki.lerner.co.il, 
as | haven't yet installed the software. 

To install the MediaWiki software, | download the latest .tar.gz file, 
and open it in the v-sites/wiki.lerner.co. il: 


cd /usr/local/apache/v-sites/wiki.lerner.co.il/ 
tar -zxvf /downloads/mediawiki-1.5.3.tar.gz 
mv mediawiki-1.5.3 www 


After doing that, | pointed my Web browser to http://wiki.lerner.co. il, 
and got a message saying that | still needed to configure the software. But 
the permissions weren't set quite right, meaning that MediaWiki was 
unable to write to its configuration directory. Rather than aborting with a 
hard-to-understand error message, MediaWiki kindly told me that there 
was a problem with the filesystem permissions, and it even reminded me 
how to use chmod to fix the problem. 

After having changed the permissions, MediaWiki then showed me the 
initial configuration screen. To be honest, | didn’t have to do very much; | 
entered the name of my wiki (ReuvenWiki), and | kept the defaults for 
nearly everything else. | entered a password for the WikiSysop user within 
the wiki system itself. And, | entered a password for the database user and 
also entered the password for the MySQL administrative user. 

Remember, you're keeping track of three types of user names here, 
which can be a bit tricky. Your Linux system has one set of users and 
permissions, MySQL has its own set of users and permissions, and the 
MediaWiki software also has its own set of users and permissions. 
Although this might seem like overkill, it provides a great deal of flexibility, 
allowing you to run MediaWiki in a safe, secure environment. 

Once | filled out all of the above information, | clicked on the 
Install! button. Unlike many Web applications, which produce output 
only when they have finished with their work, the MediaWiki installer 
kindly provides updates as the installer is running, giving you a sense of 
what it is doing and how much longer you might have to wait. In the 
end, you should (hopefully) see a note indicating that the installation 
was successful, and that you should move config/LocalSettings.php into 
the parent directory (the www directory): 


mv -v config/LocalSettings.php . 


Having done that, | can re-enter the URL (http://wiki.lerner.co.il) into 
my Web browser. And, sure enough, I’m greeted by MediaWiki's initial 
page, which tells me that the software has been installed successfully and 
points me to two pages, one for customizing the interface and another 
describing usage and configuration. 


Basic Navigation and Editing 
If you have ever used Wikipedia, navigating through a MediaWiki site will 
be extremely familiar to you. If not, the basic rules are as follows: clicking 
on a link within a page brings you to another page within the MediaWiki 
site. The exception is when the link is followed by an arrow icon, which 
indicates that the link will open a site on another server. All pages on the 
site are not only viewable by the general public, but they also are editable. 
If you want to change the contents of a page, click on the Edit link (at the 
top of each MediaWiki screen), modify the contents as you see fit, and 
then click on the Save button when you are done. 

MediaWiki tries to make it as easy as possible for users to participate 
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without having to understand the technical side of things. It’s thus 
unnecessary for end users to know HTML; they instead can click on a 
variety of buttons (and use a simplified formatting system) to format 
postings they make to the system. For example, entering [[Foo]] creates 
a link to the page Foo, regardless of whether it already exists. And, 
entering a link of the form [[Foo | This leads to Foo]] inserts a link to the 
Foo page, but with the text “This leads to Foo”. 

More important than MediaWiki’s simple markup language is the fact 
that every change made to the system is kept in an easy-to-use version- 
control system. By clicking on the History link on a given page, even a non- 
technical user can view previous versions of a page, see who has made a 
given change or compare two versions of a particular document. In addi- 
tion, users can set up watch lists, such that the user receives an e-mail 
message every time a page is modified. This allows users with particular 
nterests and expertise to keep up with the latest updates to a given page 
and to monitor the content for potential damage. 

By default, the left side of every page contains a short menu of com- 
monly accessed links, including the main page (home page) of the wiki, a 
list of recent changes, a random existing page and the documentation. 
There is also a search box on the left side. Entering a text string and click- 
ng on the Search button brings up a list of documents whose titles and/or 
contents match the target string. Because MediaWiki contents are all in 
the MySQL database, and because modern versions of MySQL have built-in 
text-indexing routines, such searches are relatively speedy. 

Each page in a MediaWiki site has a URL that begins with the overall 
site URL (in my case, that would be http://wiki.lerner.co.il), followed by 
index.php/, and then the title of the page. Page titles may contain spaces, 
in which case the URL replaces each space with an underscore character. 
The page named Reuven Lerner on my server would thus have a complete 
URL of http:/Awiki.lerner.co.il/index.php/Reuven_Lerner. Somewhat frustrat- 
ingly, MediaWiki URLs are case-sensitive, which means that entering an 
incorrectly capitalized word can result in the creation of a new page. 
Remember, a wiki never produces a true “not found” error, because you 
(the visitor) might well be interested in starting that very page. 

There is no hierarchy to pages in a MediaWiki site. There is a single 
namespace, which can potentially lead to confusion. To reduce ambiguity, 
pages may contain additional information in parentheses (which are then 
part of the URL). Or, users can create a disambiguation page, which con- 
tains links to a number of pages with similar or identical names. 

If you want to allow users to upload images, you need to modify the 
LocalSettings.php file that should now exist in your server’s DocumentRoot 
directory. In the version | installed, line 73 of LocalSettings.php (just 
beneath a relevant comment in the PHP code) contains a commented-out 
definition of $wgEnableUploads, setting it to true. By uncommenting this 
line, you allow users to upload images to the server. These uploads will be, 
by default, in the images subdirectory (www/images), whose permissions 
must be writable by the Apache process. 

Once you have turned on the uploading of images, logged-in users will 
be able to upload them with a two-step process. First, they click on the 
insert image button when editing a wiki page, or manually insert tags of 
the form [[lmage:Example.gif]]. (Images all have the Image: prefix in 
MediaWiki, but there is a single, flat namespace for images, as is the case 
for textual content pages.) Once users have finished editing the page, they 
can then click on the missing image link. This will bring them to an HTML 
form allowing the missing image to be uploaded via the user's browser. 
Other types of documents can be uploaded in a similar way. 


Special Pages 

Wikis are a specialized form of content-management system (CMS). As such, 
they are programs whose goal is to display the most recent version of a gen- 
erally static document. This contrasts with many other server-side programs, 
whose content changes for each user and invocation. Of course, MediaWiki 
must scan each document as it is published, in order to generate the differ- 


ent URLs needed for the existing and new links mentioned within the body 
of the text. But for the most part, MediaWiki specializes in the easy creation 
and distribution of static content, rather than programmatic pages. 
However, MediaWiki’s authors recognized that they and others probably 
will want to create dynamically generated pages, and thus was born the 
Special: designation. Any page whose name begins with Special: is treat- 
ed—well, it's treated differently, populating the document body with the 
output of a PHP function. In order to create our own special page, we need 
to write a PHP function and then register that function with MediaWiki. 

The first step is to create a new MediaWiki extension, putting it in the 
extensions directory just under the MediaWiki DocumentRoot. (The basic 
MediaWiki distribution includes this directory, but it is normally empty 
after a fresh install.) We will create the file extensions/SpecialHello.php, 
which looks like this: 


<?php 
$wgExtensionFunctions[] = "wfExtensionSpecialHello"; 


function wfExtensionSpecialHello() 

{ 
global $wgMessageCache; 
$wgMessageCache->addMessages(array('hello' => ‘Hello page')); 


require_once('includes/SpecialPage.php') ; 
SpecialPage: :addPage(new SpecialPage('Hello')); 


The first line appends our function’s name ("wfExtensionSpecialHello") to 
the global array $wgExtensionFunctions, putting this function in the directory 
of extensions. Many MediaWiki extensions change the output from certain 
tags; in this case, we are looking to create an entire page, rather than modify 
the behavior of a tag. Nevertheless, we are creating an extension. 

Next, we define our function. The first thing that we do is modify 
$wgMessageCache, such that our extension will look like a special page rather 
than a tag-modifying extension. The special page will continue to work if we fail 
to include these initial two lines, but its listing on Special:Specialpages will look 
odd, with the title coming between < and > brackets as if it were a tag. Note 
that the page name must begin with a lowercase letter in the call to 
addMessages, even when it is capitalized in the call to SpecialPage::addPage. 
Failing to note this quirk of capitalization will result in strange page titles. 

The final two lines import the code specific for special pages, and then 
create an instance of such a special page, adding it to the directory. 

Just what our special page does depends on another file of the same 
name (that is, SpecialHello.php), located in the includes directory that is 
parallel to extensions, just under the MediaWiki DocumentRoot. This direc- 
tory contains a large number of standard special pages that come with 
MediaWiki, including SpecialNewpages.php, SpecialUserrights.php and 
Speciallmagelist.php. These functions can access the back-end MySQL 
database, perform calculations and access external sites—and then pipe 
the results back into a standard MediaWiki output page. 

Here is a simple version of what we might put into our 
includes/SpecialHello.php file: 


<?php 
function wfSpecialHello() { 
global $wgOut; 
$wgOut->addHTML('Hello, world'); 
} 


?> 


The above function, which is invoked whenever we go to the Special:Hello 


page, adds the HTML “Hello, world” to the output. Notice that we don’t have 
to begin, end or otherwise modify the HTML file that is sent to the user. Nor 
do we need to worry about choosing a skin, setting up menus or other details. 
However, we do need to be careful about whitespace, as is often the case with 
PHP programs—failing to trim whitespace before the initial <?php tag might 
well produce odd error messages from PHP about modified headers. 

Finally, we register our extension and special page in the 
LocalSettings.php file, adding the following line: 


require_once("extensions/SpecialHello.php") ; 


Once you have put the above in place, your site should now have a 
Special:Hello page, listed as Hello when you visit Special::Specialpages. 


Conclusion 

Wikipedia has generated a number of headlines over the last few months, 
and its future as a reliable, neutral, volunteer effort remains to be deter- 
mined. But Wikipedia has demonstrated the power that a wiki can bring to 
an organization looking to collect information from a wide variety of par- 
ticipants. If your organization would benefit from a centralized repository 
created in a decentralized manner, a wiki might just fit the bill. 

And, although MediaWiki is far from the only available package, it is highly 
polished, reliable and easy for both administrators and users. Producing new 
dynamic pages, known as special pages in the MediaWiki world, requires a fair 
amount of knowledge of the underlying system. But, getting started is not that 
difficult, and it is possible (and desirable) to take advantage of the tremendous 
infrastructure that MediaWiki brings to the table.m 


Reuven M. Lerner, a longtime Web/database consultant, is currently a PhD student in Learning Sciences at 
Northwestern University in Evanston, Illinois. He and his wife recently celebrated the birth of their son Amotz David. 
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Podcasting for 
the Penguin! 


Jon and Kelly have 
the Audacity to 
create high-quality 
podcasting content 
on a tight budget. 


Jon Watson 


Kelly Penguin Girl and | have been producing 
the weekly GNU/Linux User Show podcast 
(www.linuxuser.thepodcastnetwork.com) since June 
2005. We're just about to hit show #30, which | think 
makes us one of the oldest running GNU/Linux podcasts 
aimed specifically at new GNU/Linux users. We've moved 
on to other things and no longer host the show, but it’s 
been a long, fun journey, and we've learned a lot. 

The technical aspects of podcasting on GNU/Linux 
are on par with podcasting on any other OS, but 
there are some cultural differences. Podcasting to 

the Free/Libre/Open-Source Software (FLOSS) 

community requires a sensitivity of the com- 
munity’s values. In short, a podcaster that 
intends to podcast to the FLOSS community 
should really be part of the community. The 
community wants to be talked with, not 
talked at. Trespassers will be shot. 

We record our shows on either a 
Kanotix or Linspire box (depending on 
where we are in the house) using a set 

of $25 US NeXXt headsets and two pairs 

of Y-cables. We thought about getting 
a mixer, but so far the Y-cables have per- 
formed flawlessly, so we don’t see the need to 
spend the extra money on unnecessary gear. 

| always find it quizzical why so many podcasters 
recommend spending $200 US or more on gear. We've 
spent less than $100 US since day one on three sets of 
headsets and a standalone microphone. One of the 
lessons that blogging has taught us is that content is 
king, not the pretty bells and whistles around the content. 
Although there is certainly a minimum level of quality 
expected by listeners, the content is what drives the show, 
not the benefits of shiny microphones and mixers. 

Application-wise, we use Audacity to record and 
edit the show, and EasyTag to insert the ID tags in 
preparation for file upload. 
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Audacity 

The real workhorse of our show is Audacity. 
Audacity is a wonderful digital audio work- 
station (DAW) application that is not only 
licensed under the GNU GPL and available on 
SourceForge, but it is also available for all 
major OS platforms. Audacity has served us 
well for recording our shows, editing the 
audio streams, adding effects, importing and 
aggregating other audio streams and for- 
mats, and finally allowing us to export our 
show in a variety of different formats. 
Audacity supports Ogg Vorbis encoding out 
of the box, and it will support MP3 encoding 
via the LAME encoder (separate download). 

One of the killer features of Audacity is 
the wide range of audio formats it is capable 
of importing. Over time, we've had to incor- 
porate audio from many sources, such as 
individual listeners, promo clips from adver- 
tisers, audio clips from other shows and 
downloaded clips from the Internet. Without 
Audacity’s ability to import everything we've 
thrown at it, we would have been dead in 
the water many times over. 

We generally record the show in many 
parts. Some are recorded days apart, and 
some only seconds apart. Regardless, 
Audacity represents each of these parts as a 
graphic sound wave, and each of these waves 
can be manipulated individually (Figure 1). 

This intuitive feature makes the post-pro- 
duction of our shows a snap. The tools we 
use the most are the time-shifter, which 
allows movement of individual audio parts to 
snug them up together and kill any dead 
space, and the insert silence tool. The insert 
silence tool may sound innocuous, but it’s 
very handy for extending little dead spots to 
fit around another sound clip. 

Audacity also features a very complete set of 
options that allow granular control of the final 
audio file quality and size (Figure 2). 

Podcasts generally are mostly speech and 
can therefore be exported at low quality with- 
out any appreciable degradation. The Podcast 
Network's standard is 48Kbps and 22KHz. We 
used to put out only MP3s of our show, but 
after Richard M. Stallman came on lucky show 
#13 and asked us also to produce Ogg Vorbis 
files, we started doing that as well. It took me 
a while to understand the Ogg Vorbis compres- 
sion technique, and our first few Oggs were 
twice as big as the same show's MP3 file. That 
didn’t make us very popular, let me tell you! 
Here's the secret: in Audacity, there is no bit 
rate setting for Ogg Vorbis files. Rather, there 
is a Slider from 0 to 10. A setting of 0, 
although counter-intuitive, creates a perfectly 
usable Ogg Vorbis file. 
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Figure 2. Speech doesn’t need the 44KHz sample rate associated with music. 


EasyTag 

Once the show is created and exported, it’s criti- 
cal to put the ID tags into the file. The ID tags 
provide the information that scrolls across the 
screen of listeners’ digital audio players (DAP) or 
their digital audio applications. Without ID tags, 
listeners would be hard pressed to figure out 
what show and episode they're listening to. This 
information isn’t necessary only for logistics, it’s 
also critical for promoting your podcast. 
Listeners can't come back to find your next 
show if they don’t know what the heck they're 


listening to. 

Audacity has the ability to manage ID tags, 
but supports only a few fields. The Podcast 
Network standards required us to supply data 
for more than those few fields. Therefore, we 
had to turn to an external tagging application. 

We went through a few different tagging 
applications and finally settled on EasyTag. 
EasyTag is a nice application that does one thing 
and does it well. It tags the heck out of Ogg 
Vorbis and MP3 files. EasyTag is GNU GPL’d and 
also available from SourceForge. 
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There's a real science to tagging podcasts and 
EasyTag has many more features than we use. Along 
with the basic functionality of embedding IDv2 and 
IDv3 tags in both MP3 and Ogg Vorbis files, EasyTag 
can be set to scan entire directories of audio files and 
auto-fill in the tags. Because we produce a podcast 
only once a week, we don’t have a lot of use for 
these advanced features. But, if | had a hard drive full 
of nontagged music files, EasyTag’s scanning feature 
would be very, very useful. 

Aside from the technical aspects of tagging files, 
there are many different schools of thought on what 
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information should go in to each tag. Most audio 
players scroll the title, artist and length of the file at a 
minimum across the screen while playing. Although 
the title and artist are generally pretty easy to figure 
out, the title tag requires more thought. Some pod- 
casters put the name of the show and the date it was 
produced into the title tag. Others feel that the 
sequence number of show is more important than 
the date. Both sides typically argue that it's easier for 
a listener to keep track of a (sequence number or 
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Figure 3. The name EasyTag is appropriate as it makes tagging our MP3 and Ogg files so easy. 
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| date) than a (date or sequence number). 


Podcatchers 

This argument was likely more important in the 
beginning of podcasting, because podcatching software wasn’t as 
advanced as it is now. What makes a podcast a podcast is that it is 
delivered via an RSS feed. An MP3 (or Ogg file) that is just linked to 
download on a Web page is just an audio file on the Web, not a 
podcast. Podcatcher is the affectionate name given to the genre of 
software that listeners can use to subscribe to these RSS feeds. Once 
you subscribe to a podcast, the podcatcher should check each show 
for new episodes and download them automatically. There are varying 
degrees of complexity in today’s podcatchers, but most offer at least 
the check and download new episodes functionality. 

One of the more popular GNU/Linux podcatchers is BashPodder [see 
Marcel Gagné’s article on page 32 for more information on BashPodder] 
written by Linc Fessenden of The Linux Link Tech Show. Along with the 
basic BashPodder, Linc also wrote BPGUI, which is a nice GUI front end for 
the command-line BashPodder client. In true community fashion, Linc 
released BashPodder under the GNU GPL, and many people have made 
modifications to the base application. A quick Google search for the term 
BashPodder shows the wide variety of improvements and changes the 
community has made to it. Whatever your taste, it’s likely that you will be 
able to find a flavour of BashPodder that meets your needs. 

The stable of podcatchers for GNU/Linux is growing as podcasting 
becomes more popular. CastPodder [see Marcel Gagné's article on page 32 
for more on CastPodder] is another popular podcatcher, and even amaroK 
has podcatching capabilities. 

| cannot stress enough that content is what listeners tune in for. Audio 
quality is important, but it's not the Holy Grail. Good guests, solid content, 
credible hosts and regular production are what build an audience. 

Happy podcasting! m 


Jon Watson is the host of the weekly GNU/Linux User Show on The Podcast Network. Jon has written 
articles for Really Linux, Linux Journal, has been interviewed on the topic of podcasting for Alberta 
Venture Magazine and is slated to speak at the Calgary Linux User Group Linuxfest in spring of 2006. 
In his spare time, Jon also writes the New Linux User (www.newlinuxuser.com) blog for b5 Media 
(www.b5media.com) and can be contacted at me@jonwatson.ca. Jon lives with his fiancée and 
co-host Kelly Penguin Girl in mountainous Calgary, Alberta, Canada. 
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Build a personal 
blog aggregator 
using the same 
code that powers 
many “Planets” 
sites, such as 
Planet Apache. 
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allows on-line communities to build a central Web page easily, aggregating 
blogs from people in their community. The Planet code powers such community blogs as Planet 
GNOME and Planet Apache. Such on-line uses of the Planet code provide a low cost of entry for 
people to keep an eye on a community. This article focuses on using the Planet code on your 
local machine to create your own custom blog aggregator. 


Installation 

The Planet code requires Python 2.2 or later. The simplest method to install Planet is to down- 
load a nightly snapshot tarball from the planetplanet.org Web site and extract it to your home 
directory. | tend to rename the extracted planet-nightly directory to include its day of download 
and use a handy link to the current version of Planet Me. 

In this article, I've used references to the path of my home directory a few times; remember 
to substitute your own home directory in the examples. 

The two final commands in Listing 1 show how to fetch current news feeds and set up your 
initial Planet. The commands will vary depending on things such as whether or not you have to 
use a proxy server to access the Internet. After running these commands, you should have a 
Planet Me viewable in your Web browser at ~/planet/me/index.html. After doing these steps, 
your planet should look similar to Figure 1. 

You'll want to customize which news feeds you are viewing. This is done at the end of 
me-meta/config.ini. The configuration file defines a section by text surrounded by square brackets. 
Options for a section follow its initial definition as key=value pairs. You define each blog to aggregate 
in a section where you specify the URL of the RSS feed for the section name. See Listing 2 for an 
example from the default config. ini file. 

The name will be shown in the header for each aggregated post from that blog, and the 
face image will be on the right side when using the default HTML templates. The facewidth and 
faceheight are optional by default. 
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Figure 1. A New Running Planet Installation 


Listing 1. 
Installing Planet 


cd ~ 

tar xjvf planet-nightly.tar.bz2 
planetdated=planet-$(date +'%d%b%y') 
mv planet-nightly $planetdated; 

In -s $planetdated planet 

cd planet 

cp -av fancy-examples me-meta 

cd me-meta 

cp ../examples/*.xml* 


FAFA A AFH Aw 


edit config.ini 

name Planet Me 

link file://home/ben/planet/me/ index.html 
Owner_name = John Doe 

owner_email = root@localhost 


# later ini the file 

# template_files should all be on one line 
template_files = me-meta/index.html.tmpl 
me-meta/rss20.xml.tmpl me-meta/rss10.xml.tmpl 
me-meta/opml.xml.tmpl me-meta/foafroll.xml.tmpl 


# later in the file change 

# fancy-examples/index.htm1.tmpl 
[me-meta/index.htm1.tmpl] 
items_per_page = 30 


CG) 
mkdir cache 


In -s output me 


Without proxy 
python planet.py me-meta/config.ini 


Using a standard squid proxy on "dairiserver" 
http_proxy=http://dairiserver:3128/ \ 
python planet.py me-meta/config.ini 


Listing 2. 
Sample Aggregation Definition 


[http://www. gnome. org/~jdub/blog/?flav=rss] 
name = Jeff Waugh 

face = jdub.png 

facewidth 

faceheight 


Listing 3. 
How to Get the Image from Slashdot 


$ cd ~/planet/me/images/ 
$ wget \ 
http://images.slashdot.org/topics/topicslashback. gif 


# convert is from ImageMagick 
$ convert topicslashback.gif slashdot.png 
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Listing 4. 
Create a Definition to Use the Slashdot Icon 


$ edit ~/planet/me-meta/config. ini 
[http://rss.slashdot.org/Slashdot/slashdot] 
name = Slashdot 

face = slashdot.png 


$ cd ~/planet 
$ python planet.py me-meta/config. ini 


Listing 5. 
Set Up a cron Job to Aggregate Blogs 


$ mkdir -p ~/mycron 

$ cd ~/mycron 

$ vi upd-planet.sh 

#!/bin/sh 

cd ~/planet; 

http_proxy=http://dairiserver:3128/ \ 
python planet.py me-meta/config.ini 

$ chmod +x upd-planet.sh 

$ echo \ 

"oo 04 = * 
>|upd-planet.cron 


* /home/ben/mycron/upd-planet.sh' \ 


# only if you already use cron from outside ~/mycron 
crontab -1 >|oldcrontab.cron 


cat *.cron >|newtab 
crontab newtab 
rm -f oldcrontab.cron 


Listing 6. 
Generate files to define the blogs to aggregate. 


cd ~/planet/me-meta 

mv config.ini config.ini.template 

edit config.ini.template 

remove all blog URL sections from the bottom of file 
search for http: to find the first one 


mkdir blogs 

echo http://rss.slashdot.org/Slashdot/slashdot \ 
>blogs/slashdot.blog 

./generate-config 


Many sites provide handy topic icons that can be used to spruce up your 
Planet Me. For example, in Listing 3, | use one of the Slashdot section icons 
(see the on-line Resources) for news items taken from Slashdot's RSS feed. 

Assuming you use the Planet setup as described in this article, the topic 
icons are stored in ~/planet/me/images. You can see the setup for my 
Slashdot topic icon in Listing 3. 

Listing 4 shows the new section to append to the config. ini to inte- 
grate the Slashdot icon into your Planet Me. 
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Listing 7. 
Use the files to create a blog aggregation configuration. 


#!/bin/sh 


cp -av config.ini.template config.ini 
for if in blogs/*.blog 
do 
base=$(basename $if .blog); 
content=$(cat $if); 
eeho "" >> contigciai 
echo "[$content]" 
$base" 
$base.png" >> config.ini 


>> config.ini 
echo "name >> config.ini 


ecto “face 


Listing 8. 
Set conditions for your output with the TMPL_IF tag. 


<IMPLOUF titles 

<a href="<TMPL_VAR Link ESCAPE="HTML">"> 
<TMPL_VAR title> 

</a> 

</TMPL_IF> 


Dynamic Content 
Now you need to have the Planet code run to aggregate blogs, and make 
it easy to modify the list of blogs to aggregate. 

You can solve the regular aggregation by using cron. Listing 5 shows 
how to have Planet Me updated every night. 

It is easy to add and remove blogs if you keep a list of blog definition 
files instead of trying to manage the configuration file itself manually. You 
can use the generate-config script shown in Listing 6 to move the blog 
name and URLs into very simple files in a blog subdirectory. 

You can use a file manager or the command line to add or remove 
files that determine the configuration of your aggregation scheme. 
This also paves the way for a simple Firefox extension to allow new 
RSS feeds to be added to Planet Me from a context menu. Handling 
archives as shown later is also simplified by moving the blog informa- 
tion out of config.ini. 


Updating the Look and Feel 

The two files that control how your planet will look are 
me-meta/index.html.tmpl, which is the template for the page content, 
and me/planet.css, which is the cascading stylesheet. 

By default, the face, entry, date and sidebar all define styles that can be 
changed using the stylesheet. You can use custom fonts by modifying the 
font-family CSS tag. 

The index.html.tmpl template has extra tags that the Planet code uses 
to generate the final index.html file. The main tags of interest are 
TMPL_LOOP, TMPL_IF and TMPL_VAR. The news feeds are placed into the 
output page using the <TMPL_LOOP Items> HTML-like tag and its corre- 
sponding close tag. The HTML elements between these two tags will be 
output once for each news item to be displayed. These elements define 
what and how output is generated for each news item. 

The Planet code uses these variables to get at the news feed 


Listing 9. 


New Channel Items Section for ~/planet/me-meta/index.html.tmpl 


<TMPL_LOOP Items> 

<TMPL_IF new_date> 
<h2><TMPL_VAR new_date></h2> 
PPLE 


<div class="news-item-icon"> 
<a href="<TMPL_VAR channel_link ESCAPE="HTML">" 
title="<TMPL_VAR channel_title ESCAPE="HTML">"> 
<TMPL_VAR channel_name> 
<br/> 
<img class="embedded-face" alt="" 
src="images/<TMPL_VAR channel_face ESCAPE="HTML">" > 
</a> 


</div> 


<div class="news-item"> 

<IMF LOE eitle> 

<h4><a href="<TMPL_VAR Link ESCAPE="HTML">"> 

<TMPL_VAR title></a></h4> 

</TNPL_ IFS 

<div class="entry"> 

<p> 

<TMPL_VAR content> 

</p> 

<p class="date"> 

<a href="<TMPL_VAR Link ESCAPE="HTML">"> 
<TMPL_IF creator>by <TMPL_VAR creator> at </TMPL_IF> 
<TMPL_VAR date></a> 

</p> 

</div> 
</div> 


</TMPL_LOOP> 


content. For example, it replaces the <TMPL_VAR title> tag with the 
actual title of the current news item. Note that TMPL_VAR doesn’t 
have a corresponding close tag. 

The TMPL_IF tag is used to check whether information exists or to 
set specific conditions. For example, sometimes news items do not have 
title information. The code in Listing 8 will output title information if it 
exists, and output nothing if a title does not exist. The escape attribute 
on the TMPL_VAR tag tells Planet to make sure that the value of the 
link variable is in a form that is a legal HTML attribute. 

You'll have to edit both the me-meta/index.html.tmpl and CSS files to 
move the channel icon to the left of the news item with Planet Me. 

By default, your index.html.tmpl will display the channel icon only 
when the current news item is from a different channel than the one 
preceding it. 

I've removed the <TMPL_IF new_channel> tags from around the out- 
putting of the face image information in the fragment of index.html.tmpl 
shown in Listing 9. | also used a CSS class of news-item-icon for the chan- 
nel image and news-item for the main news post section and a new class 
of embedded-face for the actual channel image. 

Shown in Listing 10 is the new stylesheet code to set the channel 
image on the left of the news item. Your Planet Me should now appear 
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Listing 10. Listing 12 
New Styles to Add to ~/planet/me/planet.css How to Archive News Feeds on a Repeated Basis 


div.news-item-icon { $ cd ~ 
float. Lett; $ unzip Jena-2.3.zip 
position: relative; $ edit ~/.bashrc 
left: 4px; # append a handy classpath setup 
margin-top: 25px; JenaSetup() { 
padding: © 20px 30px 0; for if in ~/Jena-2.3/lib/*.jar; do 
width: 120px; export CLASSPATH=$CLASSPATH: $if ; 
text-align: center; done 


. ~/.bashre 
div.news-item-icon a { JenaSetup 
text-decoration: none; 
archive news feed 
repeatable three step 
div.news-item { cd ~/planet/me 
margin-left: 140px; mv -f archive.xml rssl0-archive. xml 
java jena.rdfcat rssi1Q*xml >archive.xml 


like Figure 2. If you prefer your channel icons to the right of the news 


Listing 11. item, change the stylesheet to have news-item-icon’‘s float tag be right and 
Another Way to Use TMPL_IF news-item’s margin-left be Opx. 

The face=whatever.png line used in the channel definition files is not 
<TMPL_IF channel_foo> special to Planet. You can define any other variables you want on a per- 
Have foo:<TMPL_VAR channel_foo ESCAPE="HTML"> channel basis, and they will be available for use in your index.html.tmpl. 
</TMPL_IF> For example, Listing 11 shows the use of an optional variable foo, which 


might be defined for a channel as foo=bar after a channel description in 
your config. ini file. 

Another great way to learn how to customize your Planet Me is by vis- 
iting other Planet Web sites. Examine their HTML and CSS files to learn 
how they modified the look and feel. 


Keeping and Viewing Archives 

The Planet code was designed to aggregate news feeds from many 
sources and supply a recent history of them on a single page. For local 
use with Planet Me, it is nice to be able to see a news feed for an 
arbitrary period in the past. 

Your Planet Me will create a valid RSS RDF news feed that you can 
use to archive your Planet. All things in an RDF file revolve around 
triples. The three parts of a triple are referred to as the subject, predi- 
cate and object. An example triple might say that a news item has a 
given publication date, for example, item57 has-date 3-Jan-2006. An 
RSS news feed defines a news channel, associates that channel with a 
list of news items and defines interesting properties for each news 
item, such as its title, publication date and text content. Usually things 
like has-date are defined using long URIs to avoid two triples acciden- 
tally having the same literal value. 

An easy, yet powerful way to archive your Planet's RSS is to use the Jena 
Project. Once you have a Java virtual machine installed, all you need to install 
Jena is to download a tarball, extract it and add it to your classpath. 

Figure 2. My Sample Planet Site with a Customized Template and CSS File Shown in Listing 12 are the installation steps and repeatable archiving 
process for news feeds. You could place your news feed archive into a 
database using Jena if you are collecting many feeds over a long time. 
Jena gives you the ability to use very powerful queries against your archive 
to re-create your Planet. 
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Listing 13. 
Use Jena to query your Planet Me site. 


$ cat rss-by-date.sparql 


PREFIX 
PREFIX 


dc: <http://purl.org/dc/elements/1.1/> 
xsd: <http://www.w3.org/2001/XMLSchema#> 


DESCRIBE ?channel ?bnode ?a WHERE 


{ 


?channel ?items ?bnode . 


?bnode ?hasitem ?a . 


?a dc: 


date ?date . 


FILTER ( xsd:dateTime(?date) 

>= xsd:dateTime("2006-01-03T00:00:00") 
&& xsd:dateTime(?date) 

<= xsd:dateTime("2006-01-05T00:00:00") ) 


$ cd ~/planet/me 


$ java 


jena.sparql --data archive.xml \ 


--query rss-by-date.sparql --results RDF/XML \ 


>my-query-result.rss 


Listing 14. 


Use Jena query results to modify your Planet Me aggregation. 


$ cd ~/planet/me-meta 


$ cp -av config.ini.template config.ini 


$ echo 


"[file: 


\ 
///home/ben/planet/me/my-query-result.rss]" \ 


>>config.ini 


echo 


"name = archive" >>config.ini 


cd ~/planet 
rm -f cache/file.home* 


python planet.py me-meta/config.ini 


Listing 15. 
You can use regular expressions as filters. 


PREFIX 
PREFIX 
PREFIX 
PREFIX 


dc: <http://purl.org/dc/elements/1.1/> 

xsd: <http://www.w3.org/2001/XMLSchema#> 

rss; <htte:y/ purl yore ress ey> 

content: <http://purl.org/rss/1.0/modules/content/> 


DESCRIBE ?channel ?bnode ?a WHERE 


{ 


?channel ?items ?bnode . 


?bnode ?hasitem ?a . 


?a content:encoded ?content . 
FILTER ( regex(?content, ".*product.*", "i") ) 


} 


Listing 13 shows a simple time interval query for news feeds. This 
query is in the SPARQL query language, which is used for querying RDF 
repositories. The core of the query links the channel, news item and date 
components before applying a filter to which news items are to be 
returned based on the date attached to that news item. 

We can now easily change Planet Me to use only your query results as 
input, as shown in Listing 14, because we moved the blog URLs and meta- 
data into separate files as explained above. 

The channel icons will all be the same using the above query, 
because you are querying a single news feed, your own. Another 
expression that can be used in the FILTER section is regex(). The example 
shown in Listing 15 filters all news items and shows only those that 
match the case-insensitive regular expression. 


Wrap-Up 

Planet Me is designed to be used for on-line community blog aggregation, 
but the Planet code can make a very effective blog aggregator for personal 
use. The Planet code is designed to create on-line blog aggregates that are 
viewed by a large amount of people. With some tinkering, the Planet code 
can make a very effective personal blog aggregator giving you the freedom to 
choose explicitly who is in your community as well as easily creating archives 
of your Planet and searching past news using a very powerful query language. 


Resources for this article: www.linuxjournal.com/article/8830.m 
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Figure 1. The Blog-City Home Page 


One combination free/pay blog site available on the Internet is Blog-City.com. 
This site runs on a farm of Dell PowerEdge Blade servers, each with six 
dual-CPU blades running Red Hat Linux 9. Blog-City.com runs Java's 
JDK 1.4.x underneath BlueDragon (www.newatlanta.com/products/ 
bluedragon). BlueDragon is the same ColdFusion Markup Language 
(CFML) application that runs MySpace.com. MySpace.com is the fifth 
largest Web site in the world. 

Blog-City offers no static content. It dynamically constructs every page 
as it is requested by pulling it from a MySQL 4.1.x database that is replicat- 
ed for both backup and administrative purposes. Blog-City uses MySQL 5.0 
for a caching server to speed up access time, and it uses MySQL 4.1.x for 
all of the access and referrer statistics. These separate database servers 
keep the load for particular types of access from bogging down other 
types of access. 

For Web service, Apache 1.3.x communicates with BlueDragon through 
mod_backhand (www.backhand.org/mod_backhand/) with a Java 
library the company wrote and then released back to the community to 
make sure that the load balancing works properly for the application 
server. The mod_backhand module load balances only the Web server by 
default. Blog-City uses additional mini-farms to produce RSS feeds and 
answer search engine queries. There is also custom software for handling 
spam, denial-of-service attacks and a bug-tracking system. All in all, 
Blog-City is an operation that is spread over a number of time zones and 
multiple continents, just like its users. 


Creating a Blog 
Before trying to create a blog in Blog-City, try various URLs in the format 
of word.blog-city.com to see which ones are already in use (for example, 
kleekai.blog-city.com). Once you find something you think is available, 
go to www.blog-city.com (Figure 1) and find the Free Signup box. 
Enter the name you want to use for your blog in the text box. For the 
above example, you would enter kleekai. Next, click Submit to open the 
Create New Blog dialog box (Figure 2) and walk through the rest of 
the blog creation process. 

Go to your blog's URL to log in to your blog for the first time. You also 


http://server1.blog-city.com - Greate New Blog - Mozilla Fire —. 0) X 
Create your FREE blog @ .blog-city.com 


Creating your free Blog couldn't be easier. First step is to choose the blog name you want to 
use and enter your email address. If you decide later to Change it, the option is available in 
your administration. 


Step 1: Pick Your Blog Name 


Blog Name hup:/|kleekai sblog-city.com 
Your Email | 
Initial Theme Baby Blues | 
Terms & Conditions ta Ghack here to signal your agreement to the jerms & 
Condition 
proceed to step2 »» 


Figure 2. The Blog-City Create New Blog Dialog Box 
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Figure 3. The Initial Klee Kai Blog Page 


can click through one of the links on the creation page or click one of the 
links in your confirmation e-mail. When you do, you will see your initial 
blog page (Figure 3). 

Enter your e-mail address and password in the Login Console text 
boxes, and then click Login. Once you reach the Main Administration page 
(Figure 4), bookmark it. This is where you need to go whenever you want 
to change something on your blog or check your statistics. Much like 
UNIX, there is often more than one way to get to a particular option 
through this interface. This article focuses on one path for each. 

The tabs across the top of this page lead to: 


™ Home: view Main Administration page. 


® Blog-lt: create a new blog entry. 
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@ Entries: view and delete existing posts, and see how many times each 
item has been read and commented on. Blog-City supports a variety 
of entry types, including regular blog posts, reviews, photo albums, 
events and podcasts. 


® Look’n'Feel: control your blog’s layout, themes, headers, menus 
and more. 


® Settings: alter your personal and blog settings. 
™@ Extra: access statistics, account details and more. 


Along the left, what you see depends on whether you have a premium 
(paid) account or not. The top grouping of links leads to: 


™ Home: the Main Administration page. 
® Write a new blog entry: the blog entry creation page. 


™ View Latest Comments: the most recent comments made to your blog, 
the entry to which they were made, when they were made and the 
ability to delete, reply or report them as spam. 


™@ View Latest Trackbacks: premium-only—rather than replying in comments, 
some people create trackbacks, which are essentially replies made on their 
own blogs. By clicking this link and then Change Your Trackback Options, 
you can tell Blog-City to send you an e-mail whenever a trackback is made. 


® View Latest Statistics: premium-only—takes you to your Statistics page, 
where you can view the most-read blog posts, the most-commented, 
how many hits you have had per month and within a month, the 
browsers that have been used to access your blog, what pages referred 
people to your blog and which are your top podcasts. 


® View Podcast Statistics: premium-only—see which are your most 
popular podcasts. 


™@ Manage Your LinkBlog: a LinkBlog is a list of links with comments displayed 
for each. This link lets you create a LinkBlog and manage its contents. It also 
provides the URL and RSS feeds where you and others can find the content. 
Beneath this group on the left are: 

® Hits since date: date is either when the blog was created or the last 
time you reset the hit counter. To reset the counter, click the date and 


then click OK. This action does not reset any other statistics. 


® Total Blog Entries: how many posts you’ve made on your blog, and a 
statistic of how many posts that makes per day. 


® Total Comments: how many comments people have posted. 

® Mailing-List Subscribers: how many people have signed up to receive e- 
mail notifications when you put up a new post. Click through the link 
to see non-anonymous subscribers. 


There are many more items in the Main Administration page, including: 


® Recently Published Entries: the last five blog entries you published. 
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Figure 4. The Blog-City Main Administration Page 


® Entries not yet published: entries you saved as drafts rather than publishing. 
™ My Notes: any notes you have created (go to Extra—Your Notes to do so). 
™@ News: the most recent News posting from the Blog-City staff. 

™@ TimeZone: your local time for you to check. 


® Quick Tip: a tip that may tell you how to do something you didn’t know 
you could do. 


® Additional information: includes pricing and availability of new features, 
such as podcasting. 


You'll find additional options related to RSS, posting by e-mail and 
more by clicking the Settings tab. Also, note the link to your own blog in 
the upper-left corner. At any time, you can click this link to view your own 
blog. Clicking through here makes sure that your test views aren't counted 
among your viewer statistics, which is a nice way to make sure they don’t 
get artificially inflated. 


It's All about Looks 
Most people want to get their blog looking the way they want it before 
they start to enter content. To do this, click the Look’n’Feel tab to change 
to the Main Blog Layout page (Figure 5). Here, you see a visual representa- 
tion of your layout with labels in place. Those that are clickable are items 
you can change. Those that aren't are for premium accounts. 

The links along the left of this page are: 


@ Main Blog Layout: the layout chart you’re looking at now. 


l™ Custom Home Page: premium-only—lets you design a new layout chart 
completely from scratch. 


Layout Style—lets you choose how the page should be laid out from a 
list of templates. Premium users get many more layout options. 


Theme Editor: lets you change your page’s theme. 


Menu Editor: premium-only—lets you create menus to appear on your 
site that can be used for navigation purposes. 


Bookmarks: lets you create bookmarked links and organize them. 
Visitor Polls: premium-only—lets you create polls to be added as portlets. 


News Feeds: premium-only—lets you set what RSS feeds to subscribe to, and 
then display it in a subset page (such as kleekai.blog-city.com/newsfeed), 
or in a portlet. 


Custom Portlets: premium-only—lets you create and manage portlets of 
your own using the HTML editor window. 


Blog Board: lets you access your Blog Board (portlet where users can 
leave quick messages or chat) content, clear it out or set delays on 
when comments will appear. 


Neighborhood: premium-only—lets you create a subpage (such as 
kleekai.blog-city.com/neighborhood) that contains a list of other blogs 
you track. You can mark this page to be linked off of your main page. 
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Figure 5. The Blog-City Main Blog Layout Page 


™@ eBAY Listing: premium-only—lets you show the latest items for sale in 
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AML 
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particular categories or by particular users. 
The links within the chart are: 


® Edit the blog’s META data: premium-only—opens a window letting you 
set the META tags for your blog. 


® Edit your main blog header: opens a window (Figure 6) that lets you 
edit the top of your blog page. Start by changing the Page Title, which 
you probably want to make a bit more expressive than just the single- 
word term in your blog’s name. Mark how you want the header to 
behave in the drop-down list box, and then below the formatting 
buttons, enter the rest of what you would like to appear on the top of 
each page. This box and its WYSIWYG formatting tools essentially will 
be the same no matter where you're modifying content for the site. If 
you prefer to work with raw HTML, click the Source button on the top 
left. If you want to see the changes, click Save Details and then, on the 
main page, click the blog name to open your blog as discussed earlier. 


™@ Edit the options for your main home page: opens the Home Page 
Options dialog box, which lets you set particular behavior features 
for the blog. 


™@ Edit the blog entry options: opens the Edit Blog Entry Options dialog 
box, which lets you set behaviors for all of your blog posts. 


® Edit your main blog footer: premium-only—opens the Blog Footer win- 
dow, letting you set what appears at the bottom of every blog page. 


@ Insert Portlet: portlets are the fancy widgets along the side of your blog. 
Click Insert Portlet to tell the administration console that you want to 
insert a new portlet at the exact position you chose, and it opens an 
Insert a new portlet dialog box. If you want to move a portlet up or 
down, click the up or down button in its box within the chart. To 
remove a portlet, click the X in its box. Premium subscribers have a 
much longer list of portlets they can use than free subscribers do. 


Because so many people like to customize blog themes, it’s worth dis- 
cussing how to do so in Blog-City. Choose Look'n’Feel—Theme Editor to 
access the proper page. Here, you can preview existing themes available to 
all Blog-City members by going to the Community Themes section and 
choosing one of the themes in the list, or you can click the right or left 
arrows to cycle through the list of themes. If a theme appears as only a 
white box, it is available, there is simply no preview. When you find a 
theme you want to use, click Use This Theme. Then, in the Save Theme 
section above, click the check box for Make this theme my live/public 
theme, and click Save Current Theme. Load your blog and you will see the 
new theme has been put into place. 

If you want, you can choose a theme to use as a base and then edit 
its contents. To do this, follow the instructions just given, but then in 
the Your Themes section, choose the theme from the drop-down list 
box and click Load Theme. Once you have done this, you will see all of 
the styles used in this theme along the left of the Theme Editor. Click 
Preview Theme to see how the theme looks. When you mouse over the 
preview, you will see pop-ups that show you which of the style tags 
applies to which of the sections. 

To edit a style setting, click it on the left to bring up the CSS settings for 
the particular style (Figure 7), and then alter the settings. On the left you can 
type in things directly, or you can use the selectors on the right to choose 
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Figure 6. The Blog-City Blog Header Page 
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Figure 7. The Blog-City Theme Editor Style Page for the Jazz Cafe Theme’s 
-pagetitle CSS Setting 


from listed options. Once your changes have been made, click Update & 
Preview to see the preview pane with your alterations in place. You can then 
click Return to edit style to go back and change what you just did. 

When you are finished changing the theme, click save/load at the top 
of the style listing. This action takes you back to the Theme Management 
main page. Change the name of the theme in the Current Theme Name, 
click the box to make the theme your live/public theme, and then click 
Save Current Theme. When you update your blog, the new settings should 
be in place. 


Posting to Your Blog 
Now that you have your blog set up, you probably want to post some- 
thing. Click the Blog-It tab at the top of the page to go to your Create 
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Figure 8. The Blog-City Create New Blog Entry Page 


New Blog Entry page (Figure 8), and then fill in the fields: 
@ Title: the title for the post. 


® Summary: you either can fill this in explicitly or let the software do it for 
you by pulling out the first 250 characters from your post. As you might 
imagine, this can end up trailing off in the middle of a sentence. 


® Link to entry: lets you tell Blog-City to use a specific URL instead of 
using the title as the URL, which is handy if you need to be able to spell 
out the link to people later. 


@ The content box: enter the content for your blog. 


When you're finished, click Save and publish if you're finished with the 
post and ready to put it up, click Save entry in draft if you're not ready to 
publish it, or click Preview if you want to see what the post will look like. If 
you have people signed up for your mailing list (look in Extra—Mailing List 
to see how many members—people can sign up right from your front 
page), you want to have checked the Send an alert e-mail to your mailing- 
list check box before posting. If you saved the entry to draft, you can post 
it later by clicking the Home tab, looking in the Entries not yet published 
section and clicking the entry title, and then clicking Publish Entry to the 
left of the content. 

Click the Entries tab to add other types of content. An Entry generally 
refers to a blog post, but you also can post reviews, photos and Events. 
The administration section changes as often as the Blog-City staff adds 
new features, so be sure to explore it as time goes on, so you don’t miss 
something new and cool. 


Happy blogging! m 


Dee-Ann LeBlanc (dee-ann.blog-city.com) is an award-winning technical writer and journalist specializing in 
Linux and miniature huskies. She welcomes comments sent to dee@renaissoft.com. 


Advertiser 


Advertiser 


ABeRDEEN, LLC 
www.aberdeeninc.com 


LINUX JOURNAL 
wwwlinuxjournal.com 


ADVANCED CLUSTERING TECHNOLOGIES 
www.advancedclustering.com 


Linux ON WALL ST. 
www.linuxonwallstreet.com 


AML 
www.amltd.com 


LPI 
wwwlpi.org 


APPRO HPC Sotutions 
appro.com. 


MBX 
www.mbx.com 


ASA COMPUTERS 
www.asacomputers.com 


Microway, INC. 
www.microway.com 


BitDeFeNoer, LLC 
www.bitdefender.com 


Mikro Tik 
www.routerboard.com 


CARI.NET 
www.cari.net 


Open Source STORAGE 
Wwww.opensourcestorage.com 


Cia TECHNOLOGY 10, 11, 16, 
www.ciara-tech.com 


O’ReILLY MySQL Users CONFERENCE 
www.mysqluc.com 


CONCURRENT COMPUTER CORPORATION 
www.ccur.com 


PENGUIN COMPUTING 
www.penguincomputing, com 


Coraio, INC. 
www.coraid.com 


PotyweLt CompuTERS, INC. 
www.polywell.com 


Coyote Point 
www.coyotepoint.com 


THE PorTLAND GROUP 
www.pgroup.com 


CYCLADES CORPORATION 
www.cyclades.com 


RACKSPACE MANAGED HosTING 
Wwww.rackspace.com 


EMAc, INC. 
www.emacinc.com 


R CuBeD TECHNOLOGIES 
www.rcubedtech.com 


EmperorLiNux 
www.emperorlinux.com 


SBE, INc. 
www.sbei.com 


FainCOM CORPORATION 
www.faircom.com 


Servers DIRECT 
www.serversdirect.com 


FOURTH GENERATION SOFTWARE SOLUTIONS 
www.fourthgeneration.com 


SuGcarCRM, INc. 
www.sugarcrm.com, 


GENSTOR SYSTEMS, INC. 
www.genstor.com 


‘SUPERMICRO 
www.supermicro.com 


Hurricane ELECTRIC 
www.he.net 


SWELL SOFTWARE, INC. 
www.swellsoftware.com 


IPSCON 
www.ispcon.com 


TECHNOLOGIC SYSTEMS 
www.embeddedx86.com 


IRON SYSTEMS 
Www. ironsystems. com 


THINKMATE 
www.thinkmate.com 


JAVA ONE 
java.sun.com/javaone/sf/index jsp 


Tyan Computer USA 
www.tyan.com 


LANTRONIX 
wwwalantronix.com 


USENIX 
www.usenix.org/usenix06/lj 


Layer 42 Networks 
wwwiayer42.net 


ZERVEX 
www.zervex.com 


LEVANTA 
wwwevanta.com 


ZT Group INTERNATIONAL 
www.ztgroup. com 


www.linuxjournal.com april 2006 


XOOPS 


YOU CAN DO IT AGAIN AND AGAIN 


How to set up, install and configure XOOPS, the object-oriented 
extensible blog and content management systeM. vv wasce.o rooricuez 


XOOPS is a content management system that allows you to handle a wide 
range of actions and operations in a dynamic and flexible way. XOOPS 
covers the needs of a large spectrum of users. Whether you are a common 
user looking for blog tools, or an advanced one who needs more complex 
or professional solutions, XOOPS fits the bill for both situations. 

XOOPS is based on object-oriented PHP code. The source code is 
designed to make XOOPS extensible. You can write your own modules to 
extend its feature set, or download optional XOOPS modules that people 
contribute and share on the Internet. 

This article covers the most relevant aspects of this helpful tool and 
examines common problems and gotchas. 

One can quickly notice that XOOPS provides a lighter and simpler setup 
than similar content management systems, such as Plone and Drupal. 
Some may argue that Plone and Drupal have more depth, but the simple 
and clean structure of XOOPS makes it ideal for those who are getting 
started with content management tools. 

| have been working on XOOPS for three years now, with a local Linux 
User Group. | have found XOOPS, during all this time, to be far from disap- 
pointing. Each particular need I’ve ever had was fulfilled by XOOPS. What's 
more, being GPL software, XOOPS gave me the chance to write new mod- 
ules as | pleased or simply to modify the old ones. Needs require solutions, 
and solutions present challenges, but when challenges are taken by one’s 
own hand, reward pays double. 

Speed is another XOOPS advantage. Even when you have a large 
user database and hundreds of posts, XOOPS response time is still 
among the best. 


Requirements and Setup 
If you have ever used a gallery system, a blog or a content management 
system, you are probably familiar with the basic requirements, which tend 
to be common to all of these types of Web applications. You need a 
database, a Web server and scripting support. XOOPS uses MySQL, Apache 
and PHP, respectively. You also need some experience with basic Apache, 
PHP and MySQL server settings. 

The first thing to do is to get the latest release of XOOPS from 
the XOOPS Web site (www.xoops.org). You should be able to find 
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a tarball or a zip file containing the XOOPS GPL source code. Select 

the proper mirror, and download the file. Here's a sample download 
command (you may need to change the name of the file if XOOPS is 
updated to a newer version): 


$ wget http://easynews.dl.sourceforge.net/sourceforge/ 
> xoops/xoops-2.0.13.2.tar.gz 


Most commercial host providers that use Linux for their servers support 
Apache, PHP and MySQL. So, if you are using a commercial host provider, 
you won't need to install any of these packages. You will simply need to 
upload the XOOPS source code to your host server. Depending on the host 
provider, you may have to unpack all the files first and upload the directory 
tree, or you may be able to upload the packed XOOPS file and unpack 
it on the host server. 

If you are serving up XOOPS on your own Web server, you have to 
install the Apache Web Server with PHP support and the MySQL Database 
Server. You can find Apache packages for virtually every distribution of 
GNU/Linux, although you may have to install PHP support separately, 
depending on which distribution you are using. 

Now, the first thing to do to get started with XOOPS is to place the 
XOOPS tarball’s content in a folder that Apache can access. The default 
document directory for Apache often varies from distribution to distribu- 
tion, but for our example installation, we use the directory /var/www 
(although in our case we will be modifying the default document root for 
Apache once we have the XOOPS files installed). 

Move the tarball and untar it: 


$ mv xoops-2.0.13.2.tar.gz /var/www/ 
$ tar -zxvf xoops-2.0.13.2.tar.gz 


You should notice that you now have a new directory /var/www/html/. 

In our installation, Apache stores its configuration files in the directory 
/etc/apache. You may find the Apache configuration files in some other 
directory (such as etc/httpd/) depending on your distribution. The easiest 
way to use XOOPS is to modify the Apache configuration file (usually 


fe Eat Yew Go Gookmens Toots tieq 


i... °° °»&»&8§€68€8§££- 


Figure 1. The test file shows that PHP is working. 


called httpd.conf). Modify the DocumentRoot variable to tell Apache 
where you put the XOOPS source code. In our case, you want to set 
the DocumentRoot to /var/www/htmil/: 


DocumentRoot /var/www/htm1/ 


We'll assume you have PHP and MySQL installed and ready to go. If 
you are running XOOPS on your own server, it is possible but unlikely that 
you will need to modify the default settings for PHP in order to make 
XOOPS work properly. PHP uses the file php.ini for its configuration. 

You normally use PHP as an Apache module. If your installation hasn't 
already done so, you can add the following lines to your Apache configu- 
ration to get PHP working with Apache: 


LoadModule php4_module libexec/libphp4.so 
AddModule mod_php4.c 
AddType application/x-httpd-php .php .phtml 


You can set up Apache with PHP version 5, but if you do, you might 
run into some problems with modules and code structures. So, if you don’t 
absolutely need to use PHP 5, use the version suggested by the XOOPS 
team: PHP 4.0.5 or another minor version of PHP 4. 

If you decide to use PHP 5, add the following lines to the httpd.conf 
file instead of the ones above: 


LoadModule php5_module libexec/libphp5.so 
AddModule mod_php5.c 
AddType application/x-httpd-php-source .phps 


Here is how to test Apache and PHP to see if you have both config- 
ured and working correctly. Take a text editor and create a file called 
Nvar/www/htmil/info.php (make sure it has the proper ownership and 
privileges so that Apache can read and use the file). Put the following 
lines in the file: 


<?php 
phpinfo(); 
?> 
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You may have to modify the privileges. Here’s a sample command 
to do that: 


$ chmod +xr /var/www/htm1/info.php 


If you have Apache running on your own server, point your browser to 
http://127.0.0.1/info.php. If you are using a commercial host, point your 
browser to http://yourdomain/info.php. If everything is working, your 
browser should show something like what you see in Figure 1. 

If you're using a commercial host, the MySQL Database Server will 
already be up and running. 

If you are using your own server, you may need to configure the 
MySQL Database Server. The configuration file for the MySQL server is 
called my.cnf. You will find it with your distribution, or in the source code. 
MySQL commonly includes three sample files named my-large.cnf, 
my-medium.cnf and my-small.cnf. Choose the one that seems right for your 
needs, and copy it to my.cnf as your starting configuration. XOOPS doesn’t 
need any special database settings, so you can use the my-small.cnf file as the 
template for your configuration. Once you are satisfied with the configuration, 
start up the MySQL server. 


XOOPS Installation 
Now, we'll assume you have MySQL and Apache/PHP running, so it is time 
to start with the installation of XOOPS. 

Point your Web browser to http://127.0.0. 1/install/index.php if you are 
using your own server. Point it to http://yourdomain/install/index.php if you 
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Figure 2. The First XOOPS Install Screen 


are using a commercial host. 

This should take you to the install screen. See Figure 2 for an example. 

Now, click on the Next button to see a brief introduction, as shown 
in Figure 3. 

Click on the Next button once again. At this point, it is quite possi- 
ble you will experience a problem with the permissions (see Figure 4 
for an example). 

Here’s how to solve these permission problems: 


$ chmod 777 uploads/ 
$ chmod 777 cache/ 
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Figure 3. XOOPS Introduction Screen 
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Figure 4. XOOPS reports permission problems during installation. 


$ chmod 777 templates_c/ 
$ chmod 666 mainfile.php 


Once you have set the correct permissions, press the Reload button, and 
you should see that there are no longer permission problems (Figure 5). 

Press the Next button again. Before we explain how to fill in the 
next page, you need to create the XOOPS MySQL database and a user 
name and password for that database. Open a console or an X terminal, 
and run the following commands: 


$ mysqladmin -u mysql -p create xoops4 
$ mysql -u mysql -p 


In this case, | selected xoops4 for the database name, and | used the 
default mysql as the MySQL user. You can use these names if you want to, 
but make sure to remember them. You'll need to fill in this information in 
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Figure 5. No more permission problems for XOOPS. 
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Figure 6. Tell XOOPS about the MySQL database, the database user and password as 
well as other information. 


a Web page shortly. The second command above logs you in to MySQL 
and presents you with a MySQL command prompt. Once you see the 
prompt, type the following command to give the mysq| user privileges to 
the xoops4 database, and set the password: 


mysql> GRANT ALL PRIVILEGES ON xoops4.* TO mysql@localhost 
“IDENTIFIED BY 'password'; 


Now that you’ve made a database called xoops4, you must replace its 
password in the command shown as 'password'. 

Now, back to the XOOPS Web configuration page. Fill in the correct 
information. Figure 6 shows the information for our sample installation. 
Normally, you would fill in the last field with the domain name for your 
Web server instead of using 127.0.0.1. 
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Figure 7. XOOPS Information Confirmation Screen 
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Figure 8. XOOPS tells you the configuration data it saves. 


After you click the Next button, you should see a screen that confirms 
all the information you entered (Figure 7). If everything looks fine, click 
Next. If something went wrong, go back and modify the information 
to correct it. 

When you press Next after the confirmation screen, you should see a 
new screen with the title Saving configuration data (Figure 8). Press the 
Next button again. XOOPS will check to see if the physical and virtual path 
to the XOOPS files are correct (Figure 9). 

Click the Next button again. You should see a Web page that confirms 
the database settings (Figure 10). 

Next, XOOPS checks to see if it can connect to the database and modi- 
fy the database (Figure 11). 

Click the Next button once again. Now the XOOPS installer creates all 
of the MySQL tables it needs (Figure 12). 

Now you need to fill the text boxes with information about the admin- 
istrator of the XOOPS site (Figure 13). XOOPS will ask you about the 
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Figure 9. All the paths check out. 
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Figure 10. Database settings check out. 


Admin name, Email and the password for the Admin account. 

Click Next, and XOOPS uses this information to insert some starting 
data in various XOOPS tables (Figure 14). 

Click the Next button once again and that should get your XOOPS site 
up and running. You should see a final confirmation screen like the one 
shown in Figure 15. 

Press the HERE link to get to the login screen for your site. This is 
actually what your site looks like when you first start XOOPS. It is obvi- 
ously bare bones, but that is because you haven't activated any of the 
XOOPS features yet. 

Log in using the administrator user name and password you 
specified earlier. 


XOOPS Administration 


Go to the Administrator Menu. You will see a number of menu icons on 
the left. These options configure various features of XOOPS. 
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Figure 11. XOOPS can connect to and use the database. 


Figure 13. Specify the XOOPS Administrator e-mail, user name and password. 


The next thing you should do is set up some basic information about 
your site. Go to the Administrator Menu, choose Preferences and then 
General Settings. Specify your Site name, Site Slogan, Theme, Admin mail 
address, Time Zone and so on. 
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Figure 12. XOOPS creates all of its own database tables. 


Due to the copious amount of files and information that are currently 
available for this application, it would be almost impossible to describe 
each module and plugin in-depth in this same article. However, according 
to my humble opinion, one of the most significant features—and also the 
first thing you will need to set up—is the option Preferences. On that 
menu, you can find the following submenus: General Settings, User Info 
Settings, Meta Tags and Footer, Word Censoring Options, Search Options 
and Mail Setup. 

| strongly recommend that you start working with General Settings first 
by clicking on the Edit tag. Now you should see another name displayed 
when you click on System Admin and its modules. 

From this menu, you can activate and deactivate your modules, or just 
add new ones. You can download those new modules from the XOOPS site. 

Go to the Administrator Menu, then to the Modules section and see 
how it looks (Figure 17). Here is where you can install, uninstall, activate 
and deactivate XOOPS modules. 


Once you have the modules installed and running, you can make the 
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Figure 14. XOOPS tells you about initializing data in various tables. 
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Figure 16. Login Screen for Your XOOPS Site Figure 19. Create and manage user groups for your site. 
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Figure 20. XOOPS User Management 


features they provide show up on your XOOPS home page. Go to the 
Blocks Administration section. You can add, modify or activate whatever 
modules you want and the features visible in various locations (the left col- 
umn, middle, right column and so on). You can specify who will be able to 
see or use the various features. In most cases, you will want to let every- 
one view the blocks you choose to display. See Figure 18 for a sample 
blocks configuration screen. 


There are cases where you might want to restrict who gets to see or use 
blocks. You do this by defining groups of users and assigning people who 
register for your site to the various groups. You can set, modify and add 
groups through the section Groups in the Administration Menu (Figure 19). 

XOOPS allows users to register for your site. In this case, XOOPS adds 
the users to your database. To add users yourself, or modify existing users, 
check out the option Edit Users (Figure 20). 


Adding More Modules and Themes 

XOOPS keeps modules in the directory /var/www/html/modules/ in our case. 
Obviously, if you use a different document root, you'll have to modify this 
path to suit your installation. If you want to add a new publicly available 
module to XOOPS, download it from the XOOPS site or from another 
resource, then unpack it in the directory for the modules (in our case, unpack 
it in VvarAwww/html/modules/). Go to Administrator Menu, then to modules, 
and you will have the option to install and activate this new module. 

You can also download custom themes for XOOPS. In our case, you 
would unpack a custom theme to the directory /varAwww/html/themes/. 
You can set this new theme as the default theme in the General 
Preferences section. 

There are many other things you can do to customize your installation 
of XOOPS. Work and play with the various administrator tools—as you 
usually will discover the best features by experimentation. 

Now you have a powerful Web site, based on a terrific object-oriented 
language and running upon a strong database and Web server and, of 
course, the most robust operating system available, GNU/Linux. 


Juan Marcelo Rodriguez has been working with GNU/Linux for many years. He writes articles for magazines, works 
with a local LUG and also works with LugAR/USLA. He likes to play the keyboard, read, write and listen to music. 
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Remote Temperature 
Monitoring with Linux 


Use a small footprint Linux with some cheap hardware 
to create a remote temperature monitor. STEVEN M. LAPINSKAS 


| started this project to record and access temperature readings 
remotely after | had a conversation with a friend who is in the 
HVAC business. His job is to make sure the climate indoors is com- 
fortable—not too hot and not too cold, depending on the weather 
outside. He finds many new installations have startup bugs that 
must be worked out, because no two installations are exactly the 
same. The end of the job is the most stressful. A customer calls 
after he is done and lets him know something is wrong. The cus- 
tomer isn't happy, but he doesn’t know where to start looking for 
the problem because there isn’t any good objective information 
about what is going wrong with the installation. 

We agreed that it would help to be able to record the outside 
temperature and log the readings electronically. This would be one 
way of improving the troubleshooting process. | then started the 
search to purchase an off-the-shelf recorder that was inexpensive, 
easy to install and simple to use. While looking, | found a wide 
range of commercial products and kits. Some are standalone and 
some use a PC for displaying and recording temperature data. Each 
of our three requirements was equally important and | found that 
most of the products were too expensive for our budget. Ease of 
installation was typically another problem. Some devices had com- 
plicated wiring or the requirement that they be placed where tem- 
perature was measured. Many people consider thermostats to be 
just clutter on a wall, so it wasn’t going to be easy to convince 
them to have another box to record temperature. 


The Linux Solution 

Finally, to solve the problems of cost and installation, | looked at the 
possibility of building a system from components. Following the Linux 
idea of assembling and integrating tools to get a task done, | looked at 
using a digital multimeter, a PC and software to make them work 
together. The digital multimeter with an RS-232 serial port interface 
would measure temperature using a sensor. The PC would collect the 
data from the multimeter and process it for display. 

| was aware of open-source utilities for the multimeter serial port 
interface using Linux and had purchased a multimeter earlier for general 
troubleshooting. We had a retired PC available, so all the components 
were on hand to build a prototype temperature recording system. 

The digital multimeter came with a serial port cable and DOS 
software. | didn’t use the supplied DOS program. There was no way 
to modify the program to allow temperature measurements with 
the sensor. Instead, | used QuickBasic to write new software from 
the ground up. | had the necessary details about the serial port 
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interface for the multimeter, and QuickBasic had all the features | 

needed. | got a prototype communication program to work, but | 

ran into memory management issues with DOS and QuickBasic as 
the application grew in size, especially when | started dealing with 
the need to display and record data. 

It seemed like a big step backward to struggle with memory man- 
agement at this point. | knew Linux would provide an environment 
where | wouldn't need to be concerned with memory management, so 
| looked for a distribution to use as a replacement for DOS. 

| found that the most popular Linux distributions weren't appropri- 
ate for this application. Even a minimal installation of these distribu- 
tions would exceed the capacity of the retired PC. The distribution | 
found that overcame these restrictions was University Linux from Paul 
Muller. It has small memory and disk requirements. | was able to run it 
on the retired PC using less than 20MB of DOS formatted hard disk 
space and 24MB of RAM. Best of all, the distribution is tolerant to 
power failures. If the power goes out, the PC reboots without causing 
file corruption problems that need manual help. This saves money and 
reduces complexity, because | didn’t need a UPS to keep the system 
running during power failures. 

Once | configured everything on the PC, there was no need for a 
keyboard or monitor. | could use a Windows PC and Telnet, along with 
an Ethernet connection to communicate with the system PC for devel- 
opment and testing. | prefer to write and test incrementally, so | chose 
Perl for the language for this project. University Linux comes with Perl 
version 5.003. | couldn't use Perl modules, the application size was too 
small, so this was a minor inconvenience. University Linux also includes 
Acme Labs thttpd server. This allowed me to set up the system to use a 
Web browser for viewing temperature measurements. 


Testing Hardware 
| used a Tandy Catalog No. 22-805 digital multimeter that comes with 
an operating manual, DOS software, wire test leads and serial cable 
with nine pin connectors. According to the manual, the communica- 
tion settings are 600 baud, seven data bits, two stop bits and no parity. 
Important information was left out of the operating manual, but | 
found what | needed on the Web. The DTR and RTS lines need special 
attention. The DTR line has to be set low and the RTS line set high for 
the meter to communicate through the serial port. It is impossible to 
get data from the meter without the two lines set this way. 

| could use only stty for serial communication with this distribution 
and couldn't explicitly control the DTR and RTS lines in the script. This 
meant | needed a hardware hack to make things work. 


| found that DTR and RTS change from a low to high state 
when | call stty in the script. This works out okay for DTR, but RTS 
has to remain low. | realized that the second serial port on the PC 
has RTS low as it isn’t being used. If | connected the multimeter 
serial interface cable RTS to the RTS pin of the second serial port, 


the multimeter would be faked into seeing the correct line setting. 


| simply removed the RTS line from the multimeter and connected 
it to the second serial port. 

With that problem solved, | powered up the multimeter and put 
together a short test script (serialtest.pl), as follows: 


# !/usr/bin/perl 
# 

# serialtest.pl 
# 
# Script for reading Tandy Model 22-805 meter 
# through serial port. 


$port = "/dev/ttyS1"; # set to COM1 
system ("stty 600 cs7 cstopb clocal -ixon -echo < $port"); 


open (SERIALPORT, "+>$port") or die "can't open $port. " 


body can be broken with excessive tugging or bending. | used a two- 
position terminal block to solve this problem and make the connection 
to the wiring simple. | placed one thermistor lead and a wire under a 
screw terminal and then tightened the screw to make a solid mechani- 
cal and electrical contact. 

With the thermistor connected to the ends of the test leads and 
the test leads plugged in to the multimeter, | powered up and ran the 
test script again. The result was a resistance reading: 


OH 34.23kO0hm 


The numeric portion of the reading is 34.23 with a k after it. The k 
is an abbreviation for kilo or 1,000. Because the multimeter LCD does- 
n't have enough characters to display large numbers, it uses a multipli- 
er. In this case 34.23k is 34,230 Ohms. 

| found that this reading was very close to 0°C by referencing a 
table of resistance-to-temperature values supplied by the manufacturer. 
It matched the temperature reading of another thermometer with a 
sensor in the general area, so | was confident that this assembled sys- 
tem would work and provide accurate readings. 

Now it was time to create a script to to use the data and display 
the temperature value. 


print SERIALPORT ("\n"); # take a reading 
$R = <SERIALPORT>; # read returned string 
print "$R" 

close (SERIALPORT); # close port 

exit 6; 


If the script ran successfully, | would get a 
string with the same reading shown in the 
multimeter LCD. | set the multimeter to the 
resistance measurement range and ran the 
script. The result was: 


OH 0.L MOhm 


A good start! The hardware hack worked. Now 
it was on to measure a temperature sensor with 
the multimeter. 

| chose an NTC (negative temperature coeffi- 
cient) thermistor for the temperature sensor. 
Despite the fearsome sounding name, this is just a 
small two-wire electronic component that changes 
electrical resistance with temperature. With a mul- 
timeter, the resistance measurement provides infor- 
mation to tell temperature. The thermistor is 
impossible to wire backward, because it isn’t volt- 
age-polarity (+ or —) sensitive. This means one less 
thing for the technician installing it in the field 
to worry about. 

The thermistor isn't fragile, but the leads to the 
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Software Choices 

Two choices were available to perform resistance-to- 
temperature conversion in the script. | could use a 
lookup table with pairs of resistance-to-temperature 
values in an array. The sheer number of elements in 
this array would be a drawback to this approach. A 
span from —40°C to +40°C requires 81 (don’t forget 
0°C) pairs of values. There was no easy way to 
manipulate a text file available from the thermistor 
manufacturer, and entering the values by hand would 
take time and be prone to errors. 

Instead, | used what's called the Steinhart-Hart 
equation (see sidebar). The equation was developed in 
the late 1960s to help process ocean temperature data 
collected with thermistors and provides direct conver- 
sion of resistance to temperature. A spreadsheet utility 
found on the Web helped with calculating coefficients 
unique to each family of thermistors and was used in 
the equation. 


Display Data 

Once the script calculates temperature from a multi- 
meter reading, it needs to be displayed or stored. With 
this in mind, | extended the test script to convert and 
display temperature, and show the time and resistance 
reading. University Linux uses the 2.0 kernel, and root 
user login by Telnet is allowed. When ordinary users 
attempt to run the grabtemp.pl script, an error is 
displayed because of the file permissions used for 
the serial port, /dev/ttyS1. | fixed this by changing 
permissions with: 


chmod atx /dev/ttyS1 


Now, ordinary users could log in and run the 
script to check temperature. They wouldn't need 
root access. 

Here is the output from the resulting 
showtemp.pl script: 


/perlserial: perl -w showtemp.pl 
01-05-2006 14:43 34 F 1.3 C 30.52 k Ohms 


Here you can see the date, time, temperatures in 
degrees F and degrees C, along with the actual resistance 
reading. | checked the temperature where the sensor was 
located and found that the reading was accurate, so the 
conversion formula part of the script worked. 

Not too many computer users are comfortable with 
using a command-line program interface. Web 
browsers with a point-and-click interface are a lot less 
intimidating. So, | extended the script once again to 
allow users to operate the system with a Web browser. 

With the thttpd server configured and running, it 
was just a matter of directing the output from the script 
to build a Web page for display. This was fairly straight- 
forward as the following code shows: 
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Running the webtemp.pl script from /cgi-bin gives 


This example shows the temperature in the room 
as well as the time and the date of the reading. You b 
can press the Update Reading button to rerun the 
script and display another temperature value. 

It is easy to write an extension to the script to log 
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"content-type: text/html \n\n"; 
"<HTML><BODY><P>" ; 

"<HEAD><title>Remote Temperature Measurement Page</title></HEAD>"; 
"<H2>Mechanical Room</H2> "; 


‘<form action="webtemp.pl" method=post> <P> <P>'; 


print "Interior Air Temperature = $out_tempF<BR>"; 
print "<BR>"; 

print "<BR>" 

print "Date: $out_date <BR>"; 

print "Time: $out_time <BR>"; 

print "<BR>"; 

print ‘<input type=submit value="Update Reading">'; 
print "</form>"; 

print "</BODY></HTML>"; 


ke the example shown in Figure 1. 


ime. | put a line in the rc (boot) 
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Figure 2. A sample set of values kept in the temperature monitoring log as seen through Telnet. 
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Security Concerns 
The overall objective was to 
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automatically. They are usually very small num- 
coefficients can be cut and pasted from the 
from typing 


concerns for each installation. You may 
have to implement some workarounds to 
address the security concerns. For example, 
you can log temperature readings in the 
form of text or HTML pages by a script run- 
ning in the background and not by a script 
in the cgi directory, which isolates the log- 
ging process from Web access. Alternately, 
you can gather data from this server using 
another secure server through FTP or HTTP. 
This would add another layer to prevent 
direct access by the outside world, but still 
make the information available. 


Future Extension 
Digital multimeters are general-purpose elec- 
tronic measurement tools. Although | used a 
thermistor for temperature measurement in this 
application, you can use other sensors that have 
resistance, voltage or electrical current as out- 
puts. Some other conditions to measure include 
flow, pressure, weight, light level and humidity. 
You don’t need more multimeters to mea- 
sure more than one temperature. You can con- 
nect a single multimeter to a switching device. 
You then would create a script to operate the 
switching device, which allows you to select 
one temperature sensor at a time. 


Conclusion 

This example shows how the tool concept 
behind Linux works for solving applications 
where cost and flexibility requirements are 
important. The wide variety of distributions 
available compared with other operating sys- 
tems meant developing a system with all the 
features needed was practical. Additionally, 
you can add features using Perl and the 
development environment provided by the 
University Linux distribution. 

The system can be duplicated for less 
than $100 US. The multimeter, thermistor 
and wiring accessories are available from 
numerous electronics retailers. Many retailers 
have Web sites, so it's easy to compare fea- 
tures, specs and pricing before ordering. 
Purchasing a used digital multimeter should 
be done with caution, as there is no easy way 
to tell whether accuracy of the instrument 
has been affected by the previous use. 


Resources for this article: 
www.linuxjournal.com/article/8833.m 


Steven M. Lapinskas has a professional background that includes 
the areas of software quality assurance, mechanical design and 
project management. Some of his free time is spent experimenting 
to interface Linux with the real world outside the computer. 


trademe 


GMpany and product names are registéfed | trademarks 9) 


wre 5 


Www.-faircom.com/go/?track 


a A ‘ 
RalrGomma dtd 
LECHNOIOGYAN 
IU POSSIVICy 


> 
r) 


AS 


etc/rant 


The Spirit of Open Source 


How dare Linus Torvalds recommend that people use what's best? 


Nick Petreley, Editor in Chief 


Dang. | had intended to rant about wikis 
this month, but Dave Taylor covered the 
topic thoroughly and did a much better job 
than | would have. See his article “Why | 
Don't bike [edit: Get] Wikis” in this issue. 

There’s plenty of other things to rant about, 
however. There’s the schizophrenic, religious 
and hypocritical zealotry of free/open-source 
advocates that often gets more ink than the 
sane attitudes that are more prevalent in the 
development community itself. 

Take the irrational fear of Java and its gate- 
keeper, Sun, as an example. Do you realize 
there are people who still insist that the only 
acceptable version of Java is a clean-room 
open-source implementation that (they pre- 
sume) cannot be controlled by Sun? Did you 
also know that, according to Evans data, the 
vast majority of Linux developers uses Java- 
based Eclipse as their favorite integrated devel- 
opment environment (IDE)? 

I'm using the Java-based Jedit to write this 
column. | use Jedit because | think it is the 
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best editor on the planet. Ask me if I’m afraid 
that Sun will send the Java police after me to 
collect a license fee. No, ask me what | would 
do if Sun did that? I'd gladly pay up. Why? | 
told you. | think Jedit is the best editor on the 
planet and | want to use it. 

Do you know what Linux developers 
named as their second favorite IDE? KDevelop. 
That's right, the KDE-based IDE that depends 
upon the evil Qt. Sure you can use the GPL 
version of Qt, which requires you to share your 
code. But Qt is evil because you have to pay 
license fees to its creator, Trolltech, if (and only 
if) you want to sell a closed-source proprietary 
application based on Qt. 

GTK, on the other hand, is good, because 
you can sell closed-source proprietary applica- 
tions based on GTK without having to give any- 
thing back to the people whose work you 
exploited in order to make your money. Don't 
take my word for it. When | talked to Ximian’s 
Miguel de Icaza, he named the LGPL license as 
the reason why people should choose GTK and 
GNOME over Qt and KDE. And it is the LGPL 
that allows people to exploit the work of the 
developers of GTK and GNOME without having 
to compensate them with money or source code. 

In view of this, it is beyond me how GTK 
and GNOME remain the poster children of open 
source for so many open-source advocates. 

What is the spirit of open source? It is the 
GNU General Public License. The idea is that if 
you publish software that integrates someone 
else's publicly available work (work licensed 
under the GPL), you are required to make your 
additional work available to the public as well. 

The Linux kernel is based on the GPL. NVIDIA 
violates the GPL because it keeps some of its 
Linux kernel driver code secret. The end result is 
that you will “taint” the kernel if you use 
NVIDIAs closed-source kernel module. Shame on 
NVIDIA. It isn't sharing like it's supposed to. 


Fine. | agree with that. But how can you 
go from there to saying GTK is good because 
it allows—no, invites—you to do what NVIDIA 
does? The whole point of the LGPL is to allow 
you to add something to GTK without having 
to compensate the GTK developers with either 
money or source code. 

Don’t get me wrong. Personally, | couldn't 
care less what motivates people to use Qt, 
GTK, Java, Python or the practically useless 
GCJ (GNU Java compiler). What irks me is 
when someone advocates inferior solutions 
purely in the name of open source, especially 
when those so-called open-source solutions so 
clearly violate the spirit of open source. 

If you want a good example of the right 
attitude, look no further than Linus Torvalds, 
Linux creator. You don't have to agree with 
his methods or his decisions, but | don’t see 
how anyone can impugn his motives. Here is 
a man who cares about what's right and what 
has practical value. 

So what are we to make of the fact that 
Linus Torvalds criticized GNOME and recom- 
mended KDE? Here we have the creator of the 
Linux kernel criticizing what many see as the 
poster child of open source and recommending 
the evil Qt-based KDE. Why would our open- 
source hero say such a thing? Because in his 
opinion (an opinion | share), the GNOME design 
is so bad it should be considered a disease. 

You don’t have to agree with him, but it’s 
plain that his recommendation is based on his 
opinion of what works best. There’s no sign of 
misguided zealotry or religion in that recom- 
mendation. Use what's best. What a concept. 
Linux developers seem to get it. It’s about time 
the open-source zealots got it too.™ 


Nicholas Petreley is Editor in Chief of Linux Journal and a former 
programmer, teacher, analyst and consultant who has been working 
with and writing about Linux for more than ten years. 


Rackspace — Managed Hosting Backed by Fanatical Support™ 


Fast servers, secure data centers and maximum bandwidth are all 
well and good. In fact, we invest a lot of money in them every year. 
But we believe hosting enterprise class web sites and web 
applications takes more than technology. It takes Fanatical Support. 


Fanatical Support isn’t a clever slogan, but the day to day reality our 
customers experience working with us. It’s how we have reimagined 
customer service to bring unprecedented responsiveness and value 
to everything we do for our customers. It starts the first time you 
talk with us. And it never ends. 


Contact us to see how Fanatical Support works for you. 


1.888.571.8976 or visit www.rackspace.com 


Thanks for honoring us with the 


‘| 2005 Linux Journal Readers' Choice Award for 


“Favorite Web-Hosting Service” 
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Microway's FasTree™ DDR InfiniBand < 
switches run at 5GHz, twice as fast as the 
competition's SDR models. FasTree's 
non-blocking, flow-through architecture makes 
it possible to create 24 to 72 port modular 

fabrics which have lower latency than 

monolithic switches. They aggregate data modulo 
24 instead of 12, improving nearest neighbor latency in fine grain problems 

and doubling the size of the largest three hop fat tree that can be built, from 288 to 576 
ports. Larger fabrics can be created linking 576 port domains together. 

Working with PathScale's InfiniPath HTX Adapters, the number of hops required to move MPI messages between nodes is 


reduced, improving latency. The modular design makes them useful for SDR, DDR and future QDR InfiniBand fabrics, greatly 
extending their useful life. Please send email to fastree@microway.com to request our white paper entitled Low Latency Modular 


A 72 Port FasTree™ Configuration 


Switches for InfiniBand. 


Microway's QuadPuter’® includes four AMD single or dual core Opteron™ processors, 1350 Watt redundant power supply, and 
up to 5 redundant, hot swap hard drives-all in 4U. Dual core enables users to increase computing capacity without increasing 
power requirements, thereby providing the best performance per watt. Constructed with stainless steel, QuadPuter’s 
RuggedRack” architecture is designed to keep the processors and memory running cool and efficiently. Hard drives are cooled 
with external air and are front-mounted along with the power supply for easy access and removal. The RuggedRack” is also 
available with an 8-way motherboard and up to 128 GB of memory for power- and 


memory-hungry SMP applications. 
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<4 QuadPuter® Navion™ with hot swap, redundant power and hard drives 
and dual core Opterons, offering the perfect balance between 
performance and density 
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